CVE-2025-24813

Summary

CVE-2025-24813 is a vulnerability in Apache Tomcat that allows remote code execution and information disclosure. This issue is caused by a path equivalence issue in the default servlet, which can lead to the writing of malicious content to uploaded files. The vulnerability affects versions 11.0.0-M1 through 11.0.2, 10.1.0-M1 through 10.1.34, and 9.0.0.M1 through 9.0.98. To exploit this vulnerability, an attacker needs writes enabled for the default servlet, support for partial PUT, knowledge of the names of security sensitive files being uploaded, and the ability to upload those files via partial PUT. If these conditions are met, the attacker can view sensitive files or inject malicious content into them. In some cases, this can lead to remote code execution. To mitigate this risk, users are advised to upgrade to version 11.0.3, 10.1.35, or 9.0.99, which address the underlying issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.