PT-2025-10603 · Apache +11 · Apache Tomcat +11

Sw0Rd1Ight

·

Published

2025-02-10

·

Updated

2025-09-17

·

CVE-2025-24813

CVSS v2.0
10
VectorAV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:

Apache Tomcat versions 9.0.0.M1 through 9.0.98, 10.1.0-M1 through 10.1.34, and 11.0.0-M1 through 11.0.2.

Description:

The vulnerability in Apache Tomcat is caused by an error in handling uploaded session files and deserialization. Exploitation of the vulnerability allows an unauthenticated attacker to upload an arbitrary file to the server for subsequent execution. A public exploit is available for the vulnerability, and instances of exploitation have been recorded.

Recommendations:

To address the vulnerability, users are advised to upgrade to version 11.0.3, 10.1.35, or 9.0.99, which fixes the issue. Additionally, users can mitigate the problem by reverting to the default servlet configuration (readonly="true"), disabling partial PUT support, and avoiding the storage of confidential files in subdirectories of public upload paths.

Exploit

Fix

RCE

HTTP Request/Response Smuggling

Deserialization of Untrusted Data

Weakness Enumeration

CWE-706CWE-444CWE-502CWE-44

Related Identifiers

ALSA-2025:3645
ALSA-2025:3683
ALSA-2025:7494
ALSA-2025:7497
ALT-PU-2025-4735
ALT-PU-2025-7452
BDU:2025-02511
BIT-TOMCAT-2025-24813
CESA-2025_3683
CVE-2025-24813
DLA-4108-1
DSA-5893-1
GHSA-83QJ-6FR2-VHQG
INFSA-2025_3645
INFSA-2025_3683
MGASA-2025-0105
OPENSUSE-SU-2025:14896-1
OPENSUSE-SU-2025:14897-1
OPENSUSE-SU-2025_1024-1
OPENSUSE-SU-2025_1126-1
RHSA-2025:3454
RHSA-2025:3608
RHSA-2025:3645
RHSA-2025:3646
RHSA-2025:3647
RHSA-2025:3683
RHSA-2025:3684
RHSA-2025:7494
RHSA-2025:7497
RHSA-2025_3645
RHSA-2025_3683
SUSE-SU-2025:0954-1
SUSE-SU-2025:1024-1
SUSE-SU-2025:1126-1
SUSE-SU-2025_0954-1
USN-7525-1
USN-7525-2

Affected Products

Alt Linux
Almalinux
Apache Tomcat
Astra Linux
Centos
Debian
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu