IT security expert company: cybersecurity audits and consulting
French cybersecurity company since 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2025-24813

Description

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information Disclosure and/or malicious content added to uploaded files via the write-enabled Default Servlet in Apache Tomcat.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected.

If all of the following were true, a malicious user was able to view security-sensitive files and/or inject content into those files:

- writes enabled for the default servlet (disabled by default)

- support for partial PUT (enabled by default)

- a target URL for security-sensitive uploads that was a sub-directory of a target URL for public uploads

- attacker knowledge of the names of security-sensitive files being uploaded

- the security-sensitive files also being uploaded via partial PUT

If all of the following were true, a malicious user was able to perform remote code execution:

- writes enabled for the default servlet (disabled by default)

- support for partial PUT (enabled by default)

- application was using Tomcat's file-based session persistence with the default storage location

- application included a library that may be leveraged in a deserialization attack

Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.

POC

Reference

- https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md

- https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce

- https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce

- https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability

- https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability

Github

- https://github.com/0xMarcio/cve

- https://github.com/0xsyr0/OSCP

- https://github.com/137f/PoC-CVE-2025-24813

- https://github.com/AMatheusFeitosaM/OSCP-Cheat

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/Alaatk/CVE-2025-24813-POC

- https://github.com/AlperenY-cs/CVE-2025-24813

- https://github.com/Andromeda254/cve

- https://github.com/Anomaly-8/ZPOZAS_lab2

- https://github.com/AsaL1n/CVE-2025-24813

- https://github.com/B1gN0Se/Tomcat-CVE-2025-24813

- https://github.com/Bryant001/Kenna_Connector

- https://github.com/CEAlbez/CVE-2025-24813-PoC

- https://github.com/Eduardo-hardvester/CVE-2025-24813

- https://github.com/Erosion2020/CVE-2025-24813-vulhub

- https://github.com/FY036/cve-2025-24813_poc

- https://github.com/Franconyu/Poc_for_CVE-2025-24813

- https://github.com/GadaLuBau1337/CVE-2025-24813

- https://github.com/GhostTroops/TOP

- https://github.com/GongWook/CVE-2025-24813

- https://github.com/Heimd411/CVE-2025-24813-noPoC

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/La3B0z/CVE-2025-24813-POC

- https://github.com/Leviticus-Triage/ChromSploit-Framework

- https://github.com/MOCSCTF/cli-AI-assist

- https://github.com/Makavellik/POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution

- https://github.com/Mattb709/CVE-2025-24813-PoC-Apache-Tomcat-RCE

- https://github.com/Mattb709/CVE-2025-24813-Scanner

- https://github.com/MuhammadWaseem29/CVE-2025-24813

- https://github.com/N0c1or/CVE-2025-24813_POC

- https://github.com/Olabanji10/Apache-GOExploiter

- https://github.com/Ostorlab/KEV

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/Sachinart/vbulletin-rce

- https://github.com/Shivshantp/CVE-2025-24813

- https://github.com/Sincan2/mhl

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Threekiii/CVE

- https://github.com/VishuGahlyan/OSCP

- https://github.com/abhas9/cve-default-exploitability

- https://github.com/absholi7ly/POC-CVE-2025-24813

- https://github.com/being1943/my_rss_reader

- https://github.com/beyond-devsecops/CVE-2025-24813

- https://github.com/brs6412/CVE-2025-24813

- https://github.com/cchopin/CVE-Arsenal-Lab

- https://github.com/charis3306/CVE-2025-24813

- https://github.com/cyglegit/CVE-2025-24813

- https://github.com/diegopacheco/Smith

- https://github.com/drcrypterdotru/Apache-GOExploiter

- https://github.com/f8l124/CVE-2025-24813-POC

- https://github.com/fatkz/CVE-2025-24813

- https://github.com/fkie-cad/nvd-json-data-feeds

- https://github.com/gregk4sec/CVE-2025-24813

- https://github.com/gregk4sec/cve

- https://github.com/hakankarabacak/CVE-2025-24813

- https://github.com/horsehacks/CVE-2025-24813-checker

- https://github.com/iSee857/CVE-2025-24813-PoC

- https://github.com/iamthefrogy/BountyHound

- https://github.com/imbas007/CVE-2025-24813-apache-tomcat

- https://github.com/intruderlabs/tomcatch

- https://github.com/issamjr/CVE-2025-24813-Scanner

- https://github.com/jitmondal1/OSCP

- https://github.com/m3n0sd0n4ld/uCVE

- https://github.com/maliqto/PoC-CVE-2025-24813

- https://github.com/manjula-aw/CVE-2025-24813

- https://github.com/mbanyamer/Apache-Tomcat---Remote-Code-Execution-via-Session-Deserialization-CVE-2025-24813-

- https://github.com/megabyte-b/Project-Ares

- https://github.com/michael-david-fry/Apache-Tomcat-Vulnerability-POC-CVE-2025-24813

- https://github.com/msadeghkarimi/CVE-2025-24813-Exploit

- https://github.com/msamil93/firewallers_capstone_project_cs564

- https://github.com/n0n-zer0/Spring-Boot-Tomcat-CVE-2025-24813

- https://github.com/nn0nkey/mytools

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/packetinside/CISA_BOT

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/ps-interactive/lab-cve-2025-24813

- https://github.com/rxerium/stars

- https://github.com/s-b-repo/rustsploit

- https://github.com/sentilaso1/CVE-2025-24813-Apache-Tomcat-RCE-PoC

- https://github.com/srinivasraom/cve-2025024813

- https://github.com/tanjiti/sec_profile

- https://github.com/thebringerofdeath789/CVE-2025-24813

- https://github.com/threadpoolx/CVE-2025-24813-Remote-Code-Execution-in-Apache-Tomcat

- https://github.com/tonyarris/CVE-2025-24813-PoC

- https://github.com/u238/Tomcat-CVE_2025_24813

- https://github.com/ums91/CISA_BOT

- https://github.com/w4zu/Debian_security

- https://github.com/x00byte/PutScanner

- https://github.com/x1ongsec/CVE-2025-24813

- https://github.com/yaleman/cve-2025-24813-poc

- https://github.com/yembors64632/cve_monitor_Public

- https://github.com/zhanpengliu-tencent/medium-cve

- https://github.com/zhaoolee/garss