This repository was archived by the owner on Apr 2, 2025. It is now read-only.
This repository was archived by the owner on Apr 2, 2025. It is now read-only.
CVE-2025-24813 : Apache Tomcat - path equivalence vulnerability #10
Initial Access T1190 Exploit Public-Facing Application Attacker exploits Tomcat via vulnerable PUT request
Defense Evasion T1027 Obfuscated Files or Information Payload is Base64-encoded and deserialization is delayed
Local setup
Configure a Tomcat instance on the Router/firewall machine (in between instance)
Attack it with an exterior machine and the PoC
Capture the Network traffic of the attack with Tcpdump
find a way to spot it though the pcap (maybe though the base64 format)
External sources
https://www.notion.so/trout-software/Apache-Tomcat-1c1f9f8a093980cabfe4cf1cf2912329
https://github.com/iSee857/CVE-2025-24813-PoC
https://github.com/absholi7ly/POC-CVE-2025-24813
https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-03-14-Testing-CVE-2025-24813.md