CVE-2023-24998

HIGH

Apache Commons FileUpload < 1.5 - Denial of Service via Unlimited Request Parts

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-24998. PoCs published by nice1st.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2023-24998, demonstrating a DoS vulnerability in Apache Tomcat's file upload handling. The exploit leverages a crafted multipart request to exceed the default parameter count limit, causing resource exhaustion.

Description

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.

Exploits (1)

nomisec WORKING POC 4 stars

by nice1st · poc

https://github.com/nice1st/CVE-2023-24998

View Code ZIP pw:eip

This repository contains a functional exploit PoC for CVE-2023-24998, demonstrating a DoS vulnerability in Apache Tomcat's file upload handling. The exploit leverages a crafted multipart request to exceed the default parameter count limit, causing resource exhaustion.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Apache Tomcat 9.0.71 and later (Spring Boot 2.7.8+)

No auth needed

Prerequisites: Target must be running a vulnerable version of Tomcat with default or misconfigured multipart settings

MITRE ATT&CK