CVE-2025-31651
CRITICAL
Apache Tomcat 9.0.0-9.0.102, 10.1.0-M1-10.1.39, 11.0.0-M1-11.0.5 - Security Constraint Bypass
Title source: llm
Exploitation Summary
EIP tracks 2 public exploits for CVE-2025-31651. PoCs published by gregk4sec.
Description
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.
Exploits (2)
The repository provides a detailed technical analysis of CVE-2025-31651, a vulnerability in Apache Tomcat 11.0.4 where rewrite rules can be bypassed using URL-encoded characters (e.g., %3F) to access restricted resources or execute scripts. The writeup includes specific rewrite rule configurations, attack steps, and impact analysis.
The repository contains only a README.md file with minimal information about CVE-2025-31651, describing a rewrite rule bypass vulnerability. No actual exploit code or detailed PoC is provided.
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H