🚨Active Exploitation Alert: Critical Apache Tomcat RCE (CVE-2025-24813). Majority of traffic targeting U.S.-based systems. Exploits limited to naive attackers using PoC code. Full analysis & attacker IPs: https://greynoise.io/blog/active-exploitation-critical-apache-tomcat-rce-vulnerability-cve-2025-24813
#ApacheTomcat #Apache #GreyNoise #Vulnerability #CVE202524813
@buherator @cR0w @greynoise And could you emphasize the fact that by default these vulnerability is not active?
The default servlet configuration must be change to write enabled.
This information is nowhere to be seen on your blog post and yet the first thing to check and an easy remediation