POC details: 50522062b217027f9165912b123511c930a1f30a

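Related vulnerability
Title: Apache Tomcat security vulnerability (CVE-2025-48988)
Description: Apache Tomcat is a lightweight web application server from the Apache Foundation (US). It implements support for Servlet and JavaServer Pages (JSP). Apache Tomcat has a security vulnerability caused by allocation of resources without limits or throttling. The following versions are affected: 11.0.0-M1 through 11.0.7, 10.1.0-M1 through 10.1.41, and 9.0.0.M1 through 9.0.105.
Introduction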
# CVE-2025-48988 & CVE-2025-48976
## About
This project runs a simple file upload endpoint with Tomcat 10.1.41 and a Jakarta Servlet.

By default, the exploit sends 1000 multipart requests in parallel from 50 workers, each request carrying 1000 parts with 50 headers per part.

## Run POC
Build and run the Docker container:

```docker build -t poc-cve-2025-48988 .```

```docker run -p 8080:8080 poc-cve-2025-48988```

Launch the exploit:

```python3 exploit-cve-2025-48988.py```

Monitor container resource usage:

```docker stats```

You will observe a significant increase in CPU usage:
![Stats](screenshots/docker_stats_tomcat_10.1.41.png)

## Remediation
Change the Docker image in the dockerfile from `tomcat:10.1.41-jdk17` to `tomcat:10.1.42-jdk17`.

With its default configuration, Tomcat will now respond with a 500 status code and CPU usage will remain stable, as per the [fix](https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86#diff-1c3529b11adf91d5683a4d5394264b2f71383677ff4fb07f30f3e70c11b8e585R488-R877) introduced in Tomcat 10.1.42.
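Where an instance cannot be upgraded right away, the request shape described above (many parts, many headers per part) can be screened before it reaches the servlet, or flagged in captured request bodies. The following is an added example, not code from this project or from Tomcat; the three limits, the function names and the sample body are assumptions made for illustration.

```python
import re

# Limits assumed for this example; set them to what the application really needs.
MAX_PARTS = 10
MAX_HEADERS_PER_PART = 8
MAX_PART_HEADER_BYTES = 512

def boundary_from(content_type):
    """Return the multipart boundary as bytes, or None if the type is not multipart."""
    m = re.match(r'\s*multipart/[^;]+;.*?\bboundary=("?)([^";]+)\1', content_type, re.I)
    return m.group(2).encode("latin-1") if m else None

def inspect_multipart(content_type, body):
    """Return (verdict, detail); scanning stops at the first limit that is exceeded."""
    boundary = boundary_from(content_type)
    if boundary is None:
        return ("not-multipart", "")
    delim = b"--" + boundary
    pos, parts = body.find(delim), 0
    while pos != -1:
        start = pos + len(delim)
        if body[start:start + 2] == b"--":        # closing delimiter: no more parts
            break
        end = body.find(b"\r\n\r\n", start)       # empty line ends the part's headers
        if end == -1:
            return ("reject", "part %d: header block not terminated" % (parts + 1))
        parts += 1
        if parts > MAX_PARTS:
            return ("reject", "more than %d parts" % MAX_PARTS)
        block = body[start:end].strip(b"\r\n")
        if len(block) > MAX_PART_HEADER_BYTES:
            return ("reject", "part %d: header block over %d bytes" % (parts, MAX_PART_HEADER_BYTES))
        if len([ln for ln in block.split(b"\r\n") if ln]) > MAX_HEADERS_PER_PART:
            return ("reject", "part %d: more than %d headers" % (parts, MAX_HEADERS_PER_PART))
        nxt = body.find(b"\r\n" + delim, end + 2)  # later delimiters start a new line
        pos = nxt + 2 if nxt != -1 else -1
    return ("accept", "%d parts" % parts)

# Constructed sample: an ordinary two-field form upload.
SAMPLE_CT = "multipart/form-data; boundary=XbX"
SAMPLE_BODY = (b'--XbX\r\nContent-Disposition: form-data; name="a"\r\n\r\n1\r\n'
               b'--XbX\r\nContent-Disposition: form-data; name="f"; filename="x.txt"\r\n'
               b'Content-Type: text/plain\r\n\r\nhello\r\n--XbX--\r\n')

if __name__ == "__main__":
    print(inspect_multipart(SAMPLE_CT, SAMPLE_BODY))
```

The check works on a body that is already buffered, so it belongs behind a request size cap rather than in place of one.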
File snapshot

```
[4.0K] /data/pocs/50522062b217027f9165912b123511c930a1f30a
├── [ 833] dockerfile
├── [2.0K] exploit-cve-2025-48988.py
├── [1.0K] README.md
├── [4.0K] screenshots
│   └── [ 14K] docker_stats_tomcat_10.1.41.png
├── [4.0K] src
│   └── [1011] UploadServlet.java
└── [4.0K] web
    └── [4.0K] WEB-INF
        └── [ 330] web.xml

4 directories, 6 files
```