CVE-2025-24813

This PoC exploits CVE-2025-24813, a deserialization vulnerability in Apache Tomcat, by uploading a malicious payload via PUT requests and triggering deserialization through session manipulation. It supports both ysoserial and custom Java payloads for RCE.

This repository contains a Python-based proof-of-concept exploit for CVE-2025-24813, targeting Apache Tomcat for remote code execution. The script checks for vulnerability by sending a crafted payload and verifying the response.

This exploit leverages unsafe deserialization in Apache Tomcat to achieve RCE by uploading a malicious serialized payload to a writable session directory and triggering deserialization via a JSP request. It uses ysoserial to generate the payload and requires PUT method support on the target.

This Go-based exploit targets CVE-2025-24813 by uploading a malicious JSP shell to vulnerable Apache Tomcat servers via HTTP PUT requests. It includes functionality to detect open ports, exploit the vulnerability, and log successful compromises.

This repository contains a proof-of-concept exploit for CVE-2025-24813, targeting Apache Tomcat versions 9.0.0.M1 to 9.0.98, 10.1.0-M1 to 10.1.34, and 11.0.0-M1 to 11.0.2. The exploit leverages deserialization via session persistence and Partial PUT requests to achieve remote code execution.

This PoC exploits a deserialization vulnerability in Apache Tomcat (CVE-2025-24813) by sending a crafted base64-encoded payload to trigger unsafe deserialization. It checks for vulnerability by observing a 500 error response after setting a specific session cookie.

This repository contains a Python-based PoC for CVE-2025-24813, a deserialization vulnerability in Apache Tomcat. It includes version detection, payload generation using ysoserial, and exploitation via HTTP PUT/GET requests.

This repository contains a Python-based scanner designed to detect writable web directories via HTTP PUT method, specifically targeting CVE-2025-24813 (Arbitrary File Upload in Apache Tomcat). The tool performs two-stage verification (PUT + GET) to confirm writable directories and includes features like protocol auto-detection and verbose output.

This PoC exploits a deserialization vulnerability in Apache Tomcat (CVE-2025-24813) by uploading a malicious serialized payload via PUT requests and triggering deserialization through session manipulation. It includes payload generation using ysoserial or custom Java code for RCE.

This PoC exploits CVE-2025-24813, a deserialization vulnerability in Apache Tomcat. It sends a base64-encoded serialized payload via a PUT request and triggers deserialization via a GET request with a crafted session cookie.

This repository contains a scanner for detecting Apache Tomcat servers vulnerable to CVE-2025-24813. The tool sends a crafted request to check for vulnerability but does not include a full exploit payload for RCE.

This repository contains a multi-threaded scanner for detecting Apache Tomcat servers vulnerable to CVE-2025-24813, which involves arbitrary file upload leading to RCE. The scanner checks for vulnerability by attempting to upload a serialized Java object via HTTP PUT and verifying execution via jsessionid parameter.

The repository contains a scanner and a detection script for CVE-2025-24813, which checks for Apache Tomcat configurations with 'readonly=false' in web.xml files. The tools are designed to identify vulnerable configurations but do not include exploit code.

This is a functional PoC for CVE-2025-24813, an Apache Tomcat deserialization vulnerability. It allows testing for RCE by sending a serialized payload via session file upload and triggering deserialization through a crafted request.

This repository contains a functional PoC for CVE-2025-24813, demonstrating RCE in Apache Tomcat via HTTP PUT method to upload a malicious JSP web shell. The exploit includes a Python script to upload the shell and execute commands.

The PoC exploits CVE-2025-24813 by sending a crafted PUT request with a base64-decoded payload and a specific Content-Range header, followed by a GET request to trigger deserialization. The example uses a DNS-based payload (urldns) for out-of-band detection.

This repository provides a guide and testing environment for CVE-2025-24813, an unauthenticated RCE vulnerability in Apache Tomcat. It includes steps to set up a vulnerable Docker container and test file upload functionality.

This repository provides a Nuclei template for detecting CVE-2025-24813, an Apache Tomcat vulnerability. It includes a basic command execution example but lacks a full exploit implementation.

This PoC exploits a deserialization vulnerability in a Java-based application, likely targeting a web server. The payload is a serialized Java object that, when deserialized, executes arbitrary code.

This PoC exploits CVE-2025-24813, a deserialization vulnerability in Apache Tomcat, by uploading a malicious serialized payload via a PUT request and triggering its execution through session persistence. The payload is a base64-encoded ysoserial-generated gadget chain that executes arbitrary commands (e.g., creating a file in /tmp).

This repository contains a functional proof-of-concept exploit for CVE-2025-24813, demonstrating remote code execution via unsafe Java deserialization in a Tomcat-hosted application. The exploit uses ysoserial to generate a reverse shell payload, uploads it via HTTP Partial PUT, and triggers deserialization to achieve RCE.

This PoC demonstrates a deserialization vulnerability in Tomcat 10 / Jakarta EE via a malicious servlet that writes to a file upon deserialization. The exploit includes a serializer to generate the payload and a servlet to trigger the vulnerability.

The repository contains a functional exploit PoC for CVE-2025-24813, demonstrating how path equivalence in Apache Tomcat's Default Servlet can lead to information disclosure via partial PUT requests. The script automates the attack by manipulating temp file mappings to leak sensitive data.

This repository contains a working PoC for CVE-2025-24813, which exploits a path traversal vulnerability in Apache Tomcat to upload a JSP web shell. The exploit includes a scanner to identify vulnerable targets and an exploit script to verify command execution.

This PoC exploits CVE-2025-24813 in Apache Tomcat by uploading a malicious serialized payload via a PUT request and triggering deserialization with a GET request. It generates multiple ysoserial gadget payloads to achieve RCE.

This PoC demonstrates a deserialization vulnerability in Apache Tomcat (CVE-2025-24813) by using ysoserial to generate a malicious payload and exploiting a misconfigured session persistence mechanism. The exploit achieves remote code execution by leveraging CommonsCollections5 gadget chains.

This PoC demonstrates a path traversal vulnerability in Apache Tomcat (CVE-2025-24813) by uploading a malicious JSP file via a PUT request, enabling remote code execution (RCE) through command injection.

This repository contains a functional PoC for CVE-2025-24813, a deserialization-based RCE vulnerability in Apache Tomcat. The exploit uploads a malicious serialized payload to a writable directory and triggers deserialization via a GET request.

This PoC exploits CVE-2025-24813 in Apache Tomcat by uploading a malicious serialized session file via a partial PUT request and triggering deserialization to achieve remote code execution.

This repository contains a Python-based exploit toolkit for CVE-2025-24813, targeting Apache Tomcat servers vulnerable to insecure session deserialization. It automates gadget chain testing and includes multi-target scanning capabilities.

This repository provides a functional exploit for CVE-2025-24813, targeting Apache Tomcat 9.0.90 with Java deserialization via CommonsCollections6. The exploit leverages ysoserial to generate a payload and uploads it to a vulnerable Tomcat instance, achieving remote code execution.

This repository contains a functional exploit for CVE-2025-24813, targeting Apache Tomcat via Java deserialization and HTTP PUT method abuse to achieve remote code execution (RCE). The exploit automates session ID retrieval, payload generation (using ysoserial or custom Java), and payload delivery to trigger command execution.

This script performs non-intrusive checks for CVE-2025-24813 by extracting Tomcat version from HTTP headers, testing for write-enabled DefaultServlet via HTTP PUT/DELETE, and retrieving session IDs. It logs results to a report file and console.

This repository documents failed attempts to exploit CVE-2025-24813, a deserialization vulnerability in Apache Tomcat. The author reports that payload chains tested against versions 9.0.90 and 10.1.15 did not succeed due to module access restrictions.

The repository contains a functional exploit for CVE-2025-24813, targeting Apache Tomcat. The exploit includes a Python script that demonstrates remote code execution (RCE) by uploading a web shell to a vulnerable Tomcat server. The repository also includes Dockerfiles for setting up a vulnerable environment and a script to automate the attack.

This repository contains a functional proof-of-concept exploit for CVE-2025-24813, a Java deserialization vulnerability in Apache Tomcat. The exploit leverages ysoserial to generate malicious payloads and uploads them via PUT requests to achieve remote code execution.

This repository contains a working PoC for CVE-2025-24813, a path equivalence vulnerability in Apache Tomcat that allows security constraint bypass and RCE via inconsistent URL parsing of semicolons.

This PoC exploits a deserialization vulnerability in Apache Tomcat (CVE-2025-24813) by uploading a malicious session file via PUT and triggering deserialization with a crafted JSESSIONID cookie. It uses ysoserial to generate a payload for remote command execution (RCE).

This repository contains a Python-based exploit for CVE-2025-24813, targeting Apache Tomcat for remote code execution. The script includes advanced features like stealth headers, retry logic, and logging, suggesting a functional PoC.

This is a functional PoC for CVE-2025-24813, exploiting a deserialization vulnerability in Apache Tomcat via session file upload and manipulation. It uses ysoserial to generate payloads and triggers RCE through a crafted JSESSIONID.

This repository contains a standalone PoC for CVE-2025-24813, demonstrating a remote file upload vulnerability in Apache Tomcat 9.0.55 via partial PUT requests. It includes a Python script to detect, exploit, and verify the vulnerability by uploading a benign JSP file.

This repository contains a Python script that checks for the presence of CVE-2025-24813 by testing for PUT method support, Tomcat version, and write permissions in insecure directories. It does not exploit the vulnerability but scans for conditions that may indicate vulnerability.

This repository provides a proof-of-concept for CVE-2025-24813, a deserialization vulnerability in Apache Tomcat 9.0.98. It includes a pre-configured Tomcat environment and instructions for exploiting the vulnerability via partial PUT requests and session file manipulation.

This PoC exploits CVE-2025-24813, a deserialization vulnerability in Apache Tomcat, by uploading a malicious session file via HTTP PUT to achieve remote code execution. It supports both ysoserial and custom Java payloads for command execution.

This is a functional PoC exploit for CVE-2025-24813, targeting Apache Tomcat via deserialization through partial PUT requests. It uploads a malicious session file and triggers deserialization to achieve RCE.

The repository contains functional exploit code for CVE-2017-5487, demonstrating an information leak vulnerability in WordPress versions 4.7.0 and earlier via the /wp-json/wp/v2/users endpoint. The exploit sends a GET request to retrieve user details without proper access controls.

This PoC demonstrates CVE-2025-24813, a vulnerability in Apache Tomcat's DefaultServlet with `readonly=false`, allowing unsafe file writes via HTTP PUT. It includes steps to exploit deserialization for RCE by uploading a malicious session file and triggering its execution.

This script uploads a serialized payload in chunks to a vulnerable endpoint, likely exploiting a deserialization vulnerability (CVE-2025-24813). The payload is sent via HTTP PUT requests with Content-Range headers to bypass size restrictions.

This PoC demonstrates CVE-2025-24813 by uploading a malicious payload via a PUT request and triggering it with a crafted GET request. The payload is decoded and executed using PowerShell, indicating a Remote Code Execution (RCE) vulnerability.

This repository provides a proof-of-concept for CVE-2025-24813, which exploits a combination of vulnerabilities in Apache Tomcat's DefaultServlet and FileStore to achieve remote code execution via deserialization of session files.

This PoC exploits CVE-2025-24813, a deserialization vulnerability in Apache Tomcat, by uploading a malicious serialized payload via a PUT request to achieve remote code execution (RCE). The exploit requires specific configurations in Tomcat and a vulnerable library (e.g., commons-collections) to be present.

This exploit targets CVE-2025-24813 in Apache Tomcat by uploading a malicious serialized Java payload to the session directory and triggering deserialization via a crafted JSESSIONID cookie. It automates the download of ysoserial, generates payloads using multiple gadgets, and attempts to achieve remote code execution.

This PoC exploits CVE-2025-24813, a deserialization vulnerability in Apache Tomcat, by uploading a malicious serialized payload via PUT requests and triggering deserialization through session manipulation. It supports both ysoserial and custom Java payloads for command execution.

This Metasploit module exploits a Java deserialization vulnerability in Apache Tomcat (CVE-2025-24813) via a partial HTTP PUT request to upload a malicious session file, which is then deserialized to achieve remote code execution.

This repository contains a functional exploit for CVE-2025-24813, targeting Apache Tomcat via Java deserialization and HTTP PUT method abuse to achieve remote code execution (RCE). The exploit includes detailed steps for session ID extraction, payload generation (using ysoserial or custom Java code), and payload delivery via path traversal.

This repository contains a functional exploit for CVE-2025-24813, targeting Apache Tomcat via deserialization. It includes payload generation (ysoserial or custom Java) and upload mechanisms to achieve RCE.

This exploit leverages a path equivalence vulnerability in Apache Tomcat to upload a malicious serialized Java payload, which is then triggered via a crafted session cookie to achieve remote code execution. The payload is designed to trigger a DNS callback to an attacker-controlled server for verification.

The repository contains a Python script that scans for CVE-2025-24813 by sending crafted requests to detect deserialization vulnerabilities in Apache Tomcat. It does not include a full exploit chain but confirms vulnerability presence via HTTP response codes.