CVE-2025-24813: Apache Tomcat RCE via Partial PUT

Score: 9.8
CRITICAL
Published: 2025-03-10Affected: Apache Tomcat 11.0.0-M1 through 11.0.2CWE-502 β†—

Can Apache Tomcat be exploited for RCE?

A path equivalence vulnerability in Apache Tomcat that, combined with partial PUT request handling and default servlet configuration, allows unauthenticated remote code execution via deserialization of uploaded session files.

Impact & Exploitation

Active exploitation 30 hours after PoC release. Tomcat powers millions of Java web applications. Affects deployments with default servlet write-enabled and file-based session persistence.

Related Resources

πŸ” Related CWE Entries

πŸ“‹ OWASP Top 10

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS9.8
SeverityCRITICAL
CWECWE-502
Published2025-03-10

Tags

tomcatjavadeserializationrce

Quick Links

Is your system affected?

Precogs AI detects Apache Tomcat RCE via Partial PUT in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2025-24813 Apache Tomcat RCE via Partial PUT don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo