Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2025-24813
Topic description: "Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. ..."
"On March 10, 2025, the Apache Software Foundation [published](https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq) an advisory for [CVE-2025-24813](https://nvd.nist.gov/vuln/detail/CVE-2025-24813), an unauthenticated remote code execution vulnerability in Apache Tomcat’s “partial PUT” feature ..."
Link: https://attackerkb.com/assessments/1a24556d-24fb-4017-be67-e4ab39c76566
Topic description: "Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. ..."
"On March 10, 2025, the Apache Software Foundation [published](https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq) an advisory for [CVE-2025-24813](https://nvd.nist.gov/vuln/detail/CVE-2025-24813), an unauthenticated remote code execution vulnerability in Apache Tomcat’s “partial PUT” feature ..."
Link: https://attackerkb.com/assessments/1a24556d-24fb-4017-be67-e4ab39c76566
0
1
1