Apache Tomcat is under active attack through CVE-2025-24813, a vulnerability that allows remote code execution. The vulnerability was revealed on March 10, and a proof of concept was released soon after. The attack involves sending encoded payloads via PUT requests, which are then unsafely deserialized when GET requests are processed. As a result, attackers gain significant control over affected systems without authentication. Conditions such as enabled writes and public placement of sensitive files exacerbate the risk, making this a critical security concern for Tomcat applications.
Apache Tomcat is facing a significant threat as cybercriminals exploit CVE-2025-24813, allowing remote code execution through seemingly normal HTTP requests.
The vulnerability was disclosed by Apache on March 10, with a proof of concept rapidly shared, leading to active exploitation of affected systems.
Attacks leverage base64-encoded malicious payloads transmitted via PUT requests, enabling deserialization of unsafe session data and granting attackers full remote access.
This vulnerability poses a serious risk as it permits attackers to access and modify sensitive files without the need for authentication.
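A configuration check for the conditions described above, added here as an example and not taken from the original article or from Apache. It assumes that "enabled writes" corresponds to the DefaultServlet `readonly` init-param set to `false`, and that the deserialized session data comes from a `PersistentManager` backed by a `FileStore`; the article names neither setting, and the sample XML is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample configs (not from the article): a writable DefaultServlet and a file-backed session store.
WEB_XML_WEAK = """<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>"""
WEB_XML_SAFE = WEB_XML_WEAK.replace("<param-value>false", "<param-value>true")
CONTEXT_XML = """<Context>
  <Manager className="org.apache.catalina.session.PersistentManager">
    <Store className="org.apache.catalina.session.FileStore"/>
  </Manager>
</Context>"""

def _local(tag):
    """Strip any XML namespace so the check works across web.xml schema versions."""
    return tag.rsplit("}", 1)[-1]

def default_servlet_writable(web_xml):
    """True if a DefaultServlet declaration sets init-param readonly=false (writes enabled)."""
    root = ET.fromstring(web_xml)
    for servlet in (e for e in root.iter() if _local(e.tag) == "servlet"):
        fields = {_local(c.tag): (c.text or "").strip() for c in servlet}
        if not fields.get("servlet-class", "").endswith("DefaultServlet"):
            continue
        for param in (c for c in servlet if _local(c.tag) == "init-param"):
            kv = {_local(c.tag): (c.text or "").strip() for c in param}
            if kv.get("param-name") == "readonly" and kv.get("param-value", "").lower() == "false":
                return True
    return False  # readonly defaults to true when the init-param is absent

def file_session_store(context_xml):
    """True if a <Manager> element persists sessions through a FileStore."""
    root = ET.fromstring(context_xml)
    for mgr in (e for e in root.iter() if _local(e.tag) == "Manager"):
        for store in (c for c in mgr if _local(c.tag) == "Store"):
            if store.get("className", "").endswith("FileStore"):
                return True
    return False

def exposed(web_xml, context_xml):
    """Flag a deployment only when both assumed preconditions are present."""
    return default_servlet_writable(web_xml) and file_session_store(context_xml)
```

A deployment that this check flags should be prioritized for patching and for review of PUT requests in its access logs.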