Vulnerability detail
Enriched intelligence for a single CVE
Critical
CVE-2025-24813
PUBLISHED
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
- Vendor: Apache Software Foundation
- Product: Apache Tomcat
- Published: Mar 10, 2025
- EPSS: —
Description
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected.

If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT

If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack

Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.
CVSS scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
SSVC decision points
- Exploitation: active
- Automatable: No
- Technical impact: total
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Apr 01, 2025 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Nessus | https://www.tenable.com/plugins/nessus/237016 | Jun 02, 2025 |
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/tomcat_partial_put_deserialization.rb | Apr 28, 2025 |
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-24813.yaml | Apr 25, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
metasploit · Created Unknown
Metasploit module for CVE-2025-24813
github · Created 2025-04-27 13:50:24 UTC · 0 stars
Proof of Concept (PoC) script for CVE-2025-24813, vulnerability in Apache Tomcat.
github · Created 2025-04-18 11:03:33 UTC · 2 stars
POC script for the vulhub environment of CVE-2025-24813
github · Created 2025-04-12 19:12:39 UTC · 1 star
CVE-2025-24813-Scanner is a Python-based vulnerability scanner that detects Apache Tomcat servers vulnerable to CVE-2025-24813, an arbitrary file upload vulnerability leading to remote code execution (RCE) via insecure PUT method handling and jsessionid exploitation.
github · Created 2025-04-12 17:38:02 UTC · 1 star
A Python proof-of-concept exploit for CVE-2025-24813 - Unauthenticated RCE in Apache Tomcat (v9.0.0-9.0.98/10.1.0-10.1.34/11.0.0-11.0.2) via malicious Java object deserialization. Includes safe detection mode and custom payload support.
github · Created 2025-04-10 14:49:14 UTC · 7 stars
CVE-2025-24813 poc
github · Created 2025-04-09 15:20:32 UTC · 0 stars
A simple, easy-to-use POC for CVE-2025-24813 (Apache Tomcat versions below 9.0.99).
github · Created 2025-04-08 14:52:37 UTC · 0 stars
github · Created 2025-04-07 22:43:56 UTC · 0 stars
Hello researchers, I have a checker for the recent vulnerability CVE-2025-24813-checker.
github · Created 2025-04-07 16:17:06 UTC · 0 stars
github · Created 2025-04-06 19:36:48 UTC · 0 stars
CVE-2025-24813-POC JSP Web Shell Uploader
github · Created 2025-04-05 18:57:08 UTC · 30 stars
github · Created 2025-04-05 09:07:13 UTC · 3 stars
simple exp for CVE-2025-24813
github · Created 2025-03-31 19:01:28 UTC · 0 stars
github · Created 2025-03-30 09:39:45 UTC · 0 stars
This repository contains a shell script based POC on Apache Tomcat CVE-2025-24813. It allows you to easily test the vulnerability on any version of Apache Tomcat.
github · Created 2025-03-28 09:44:28 UTC · 1 star
Create lab for CVE-2025-24813
github · Created 2025-03-22 15:16:41 UTC · 1 star
A PoC for CVE-2025-24813
github · Created 2025-03-21 18:05:27 UTC · 1 star
CVE-2025-24813 Apache Tomcat RCE Proof of Concept (PoC)
github · Created 2025-03-20 22:52:00 UTC · 0 stars
POC for CVE-2025-24813 using Spring-Boot
github · Created 2025-03-19 14:32:01 UTC · 0 stars
Apache Tomcat Vulnerability POC (CVE-2025-24813)
github · Created 2025-03-18 08:42:12 UTC · 5 stars
Apache Tomcat Remote Code Execution (RCE) Exploit - CVE-2025-24813
github · Created 2025-03-17 22:39:38 UTC · 2 stars
Nuclei Template CVE-2025-24813
github · Created 2025-03-17 03:58:34 UTC · 2 stars
CVE-2025-24813 - Apache Tomcat Vulnerability Scanner
github · Created 2025-03-14 07:36:58 UTC · 110 stars
This repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
github · Created 2025-03-13 10:00:03 UTC · 82 stars
Apache Tomcat remote code execution vulnerability batch detection script (CVE-2025-24813)
Timeline
- CVE ID Reserved
- CVE Published to Public
- Proof of Concept Exploit Available
- Added to KEVIntel
- Detected by Nuclei
- Detected by Metasploit
- Detected by Nessus