CVE-2025-24813

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 10, 2025

Updated: Apr 3, 2025

CWE ID 44

CWE ID 502

CWE ID 706

Summary

CVE-2025-24813 is a vulnerability in Apache Tomcat that allows remote code execution and information disclosure. This issue is caused by a path equivalence issue in the default servlet, which can lead to the writing of malicious content to uploaded files. The vulnerability affects versions 11.0.0-M1 through 11.0.2, 10.1.0-M1 through 10.1.34, and 9.0.0.M1 through 9.0.98. To exploit this vulnerability, an attacker needs writes enabled for the default servlet, support for partial PUT, knowledge of the names of security sensitive files being uploaded, and the ability to upload those files via partial PUT. If these conditions are met, the attacker can view sensitive files or inject malicious content into them. In some cases, this can lead to remote code execution. To mitigate this risk, users are advised to upgrade to version 11.0.3, 10.1.35, or 9.0.99, which address the underlying issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Apache Tomcat
Debian

Affected Vendors

Apache Corporation
Debian

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners