Remote Code Execution and Information Disclosure Vulnerability in Apache Tomcat Software
CVE-2025-24813
Key Information:
- Vendor
- Apache
- Status
- Vendor
- CVE Published:
- 10 March 2025
Badges
What is CVE-2025-24813?
CVE-2025-24813 is a vulnerability in Apache Tomcat, a widely used open-source implementation of the Java Servlet, JavaServer Pages, and Java Expression Language technologies. This vulnerability presents significant risks as it allows for remote code execution and information disclosure, potentially leading to unauthorized access to sensitive data or manipulation of server-side logic. Given that Apache Tomcat is often deployed in enterprise environments, organizations utilizing this software face threats that could compromise the integrity and confidentiality of their applications and data.
Technical Details
The CVE-2025-24813 vulnerability arises from a path equivalence issue concerning the 'file.Name' parameter, which can lead to inadequate protections against malicious interactions. Specifically, if several conditions are met—such as having write access enabled for the default servlet (although this is disabled by default) and support for partial PUT requests enabled—attackers may exploit this vulnerability to either execute arbitrary code remotely or disclose sensitive information in uploaded files. This highlights potential weaknesses in how uploaded files are processed in specific configurations of Apache Tomcat.
Potential Impact of CVE-2025-24813
-
Remote Code Execution: If conditions are met, attackers could execute arbitrary code on the server, potentially giving them control over the affected system.
-
Information Disclosure: Malicious users may gain access to sensitive files, leading to unauthorized exposure of critical data that could affect the organization’s confidentiality and privacy.
-
Malicious Content Injection: There is a risk that attackers may inject harmful content into uploaded files, which could be used to further exploit the system or distribute malware to other users or systems interacting with the compromised application.
Affected Version(s)
Apache Tomcat 11.0.0-M1 <= 11.0.2
Apache Tomcat 10.1.0-M1 <= 10.1.34
Apache Tomcat 9.0.0.M1 <= 9.0.98
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
cyfirmaCVE-2025-24813CVE-2025-24813 : Apache Tomcat RCE Vulnerability Analysis - CYFIRMA
Published On : 2025-03-21 EXECUTIVE SUMMARY CVE-2025-24813 is a critical Remote Code Execution (RCE) vulnerability in Apache Tomcat, stemming from a path equivalence flaw that allows attackers to...
1 day ago
GBHackers NewsCVE-2025-24813Hackers Actively Exploit Apache Tomcat Servers via CVE-2025-24813 – Patch Now
A concerning development has emerged with the active exploitation of Apache Tomcat servers through the recently disclosed vulnerability, CVE-2025-24813.
4 days ago
EsriCVE-2025-24813Recent Apache Tomcat RCE Vulnerabilities
There has been a recent string of media-hyped open-source component vulnerabilities in Apache Tomcat over the last several weeks. One of these (CVE-2025-24813) is receiving heightened scrutiny because it is...
5 days ago
References
EPSS Score
86% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🥇
Vulnerability reached the number 1 worldwide trending spot
- 🟡
Public PoC available
- 👾
Exploit known to exist
- 📈
Vulnerability started trending
- 📰
First article discovered by Cyber Kendra
Vulnerability published
Vulnerability Reserved