Disposal Advisory for Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)

March 25, 2025
Vulnerability Overview
Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)
NSFOCUS Detection Methods
NSFOCUS Remote Security Assessment System (RSAS), Web Vulnerability Scanning System (WVSS) and Network Intrusion Detection System (IDS) have the ability to scan and detect this vulnerability. Users who deploy the above devices are requested to upgrade to the latest version. Upgrade site: NSFOCUS_Product Support Service_Product Upgrade […]
Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)

March 11, 2025
Overview
Recently, NSFOCUS CERT detected that Apache issued a security announcement and fixed the remote code execution vulnerability of Apache Tomcat (CVE-2025-24813). An unauthenticated attacker can execute arbitrary code to gain server privileges when the application has servlet write enabled (disabled by default), uses Tomcat file session persistence and a default storage location, and contains […]
Apache Tomcat Session Deserialization Code Execution Vulnerability (CVE-2021-25329) Threat Alert

March 5, 2021
Vulnerability Description
On March 1, 2021, NSFOCUS observed that Apache Software Foundation (ASF) released a security bulletin to announce the fix of a remote code execution vulnerability via session persistence. This vulnerability is due to the bypass of the patch against CVE-2020-9484. If Tomcat’s session persistence function is used, its insecure configuration allows attackers to […]
Apache Tomcat File Inclusion Vulnerability (CVE-2020-1938) Threat Alert

March 2, 2020
Vulnerability Description
On February 20, the China National Vulnerability Database (CNVD) released an Apache Tomcat file inclusion vulnerability (CNVD-2020-10487/CVE-2020-1938). This vulnerability is due to a flaw in the Tomcat Apache JServ Protocol (AJP) connector. An attacker could exploit this vulnerability to read arbitrary files from a web application directory on the server. If the target server also provides a file upload function, the attacker can go further and achieve remote code execution. The vendor has released new versions to fix this vulnerability.
Tomcat is an important project of the Apache Software Foundation (ASF). Owing to its stable performance and free availability, it is a very popular web application server. Considering the widespread deployment of Tomcat, the vulnerability in question affects a large number of users. Tomcat users should take preventive measures and fix this vulnerability as soon as possible.