关联漏洞
标题:
Apache Tomcat 环境问题漏洞
(CVE-2025-24813)
描述:Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。用于实现对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat 11.0.0-M1至11.0.2版本、10.1.0-M1至10.1.34版本和9.0.0.M1至9.0.98版本存在环境问题漏洞。攻击者利用该漏洞可以远程执行代码或泄露敏感信息。
描述
CVE-2025-24813 - Apache Tomcat Vulnerability Scanner
介绍
# CVE-2025-24813-Scanner
# CVE-2025-24813 - Apache Tomcat Vulnerability Scanner
## Overview
CVE-2025-24813 is a critical security vulnerability in **Apache Tomcat**, allowing attackers to exploit improperly handled **partial PUT requests**. This vulnerability can lead to **Remote Code Execution (RCE)**, **data leaks**, and **file uploads** that could compromise the server.
This repository provides a Python-based scanner (`CVE-2025-24813.py`) to check if a target Apache Tomcat server is vulnerable.
---
## Affected Versions
The following **Apache Tomcat** versions are affected:
- **9.0.0.M1 to 9.0.98**
- **10.1.0-M1 to 10.1.34**
- **11.0.0-M1 to 11.0.2**
If your server runs any of these versions, you should **immediately update** to a patched version.
---
## How the Exploit Works
The vulnerability arises from Tomcat’s mishandling of **partial PUT requests**. Attackers can:
- Upload malicious JSP files
- Bypass security restrictions
- Execute arbitrary code on the server
The scanner tests for this vulnerability by sending a **PUT request** with a test file and checking the server’s response.
---
## Installation
Clone the repository and install the required dependencies:
```sh
git clone https://github.com/issamjr/CVE-2025-24813-Scanner.git
cd CVE-2025-24813-Scanner
pip install -r requirements.txt
```
## Usage
Run the scanner against a target server:
```sh
python3 CVE-2025-24813.py http://target-ip:port
```
Example:
```sh
python3 CVE-2025-24813.py http://192.168.1.1:8080
```
### Output:
- **Vulnerable Server** (Green Output):
```
[+] Target is vulnerable to CVE-2025-24813!
```
- **Not Vulnerable** (Red Output):
```
[-] Target is not vulnerable.
```
- **Connection Issues** (Yellow Output):
```
[!] Failed to connect to target.
```
---
## Mitigation
To protect your server from CVE-2025-24813:
1. **Update Apache Tomcat** to the latest patched version:
- **9.0.99 or later**
- **10.1.35 or later**
- **11.0.3 or later**
2. **Disable Partial PUT Requests** if not needed.
3. **Monitor Logs** for unauthorized file uploads.
## References
- [Apache Security Advisory](https://tomcat.apache.org/security-2025.html)
- [Security Online Report](https://securityonline.info/cve-2025-24813-flaw-in-apache-tomcat-exposes-servers-to-rce-data-leaks-update-immediately/)
- [IONIX Blog on CVE-2025-24813](https://www.ionix.io/blog/apache-tomcat-path-equivalence-vulnerability-cve-2025-24813/)
文件快照
[4.0K] /data/pocs/46b60269d2359f99d27a0a4c9909f4942aa75b85
├── [1.2K] CVE-2025-24813.py
├── [2.4K] README.md
└── [ 18] requirements.txt
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。