NOMISEC-abrewer251/CVE-2020-1938_Ghostcat-PoC

NOMISEC WORKING POC

Exploit for CVE-2020-1938 - Apache Geode < 7.0.100 - Remote Code Execution

AI Analysis

This repository contains a Python-based exploit for CVE-2020-1938 (Ghostcat), which leverages the AJP protocol to read arbitrary files from vulnerable Apache Tomcat servers. The tool includes multi-threaded scanning, custom wordlist support, and JSP payload generation for post-exploitation.

Attack Type

info_leak

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1005 - Data from Local System T1190 - Exploit Public-Facing Application

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 4

https://github.com/abrewer251/CVE-2020-1938_Ghostcat-PoC

Stars 0

Forks 0

Last Push Dec 11, 2025

Authors

abrewer251

Vulnerability

CVE-2020-1938

Apache Geode < 7.0.100 - Remote Code Execution

CRITICAL KEV

CVSS 9.8