Executive Summary

Informations
Name CVE-2025-24813 First vendor Publication 2025-03-10
Vendor Cve Last vendor Modification 2025-03-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 9.8
Base Score 9.8 Environmental Score 9.8
impact SubScore 5.9 Temporal Score 9.8
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.

If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT

If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack

Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24813

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-706 Use of Incorrectly-Resolved Name or Reference
50 % CWE-502 Deserialization of Untrusted Data

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 560

Sources (Detail)

http://www.openwall.com/lists/oss-security/2025/03/10/5
https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md
https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq
https://security.netapp.com/advisory/ntap-20250321-0001/
https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce
https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2025-03-21 21:20:36
  • Multiple Updates
2025-03-20 00:20:36
  • Multiple Updates
2025-03-18 21:20:33
  • Multiple Updates
2025-03-18 17:20:41
  • Multiple Updates
2025-03-17 21:20:41
  • Multiple Updates
2025-03-12 21:20:29
  • Multiple Updates
2025-03-10 21:20:30
  • First insertion