EXPLOITDB-EDB-49039

EXPLOITDB ruby VERIFIED WORKING POC

Exploit for CVE-2020-1938 - Apache Geode < 7.0.100 - Remote Code Execution

AI Analysis

This Metasploit module exploits CVE-2020-1938 (Ghostcat) in Apache Tomcat by crafting malicious AJP packets to read arbitrary files or execute JSP code. It leverages the AJP protocol's trust model to bypass security restrictions.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform multiple

Language ruby

Files 1

https://www.exploit-db.com/exploits/49039

Authors

SunCSR A Security Researcher of Chaitin Tech ThienNV - SunCSR

Vulnerability

CVE-2020-1938

Apache Geode < 7.0.100 - Remote Code Execution

CRITICAL KEV

CVSS 9.8