Critical Apache Tomcat Vulnerability (CVE-2025-24813) Actively Exploited for Remote Code Execution

Monday, 31 March, 2025

Critical Apache Tomcat Vulnerability (CVE-2025-24813) Actively Exploited for Remote Code Execution

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-24813, has been discovered in Apache Tomcat versions 9.0.0-M1 to 9.0.98, 10.1.0-M1 to 10.1.34, and 11.0.0-M1. This flaw allows unauthenticated attackers to execute arbitrary code on affected servers by exploiting the handling of partial PUT requests and path equivalence. Active exploitation has been observed globally, with attackers targeting systems primarily in the United States, Japan, India, South Korea, and Mexico.

Read full story at Cybersecurity News

Tags:attackers unauthenticated code execution

Categories

Critical Apache Tomcat Vulnerability (CVE-2025-24813) Actively Exploited for Remote Code Execution

Also Read

First Games Challenges ₹5,712 Crore GST Demand Amid Industry-Wide Dispute

Spotify Invests Over $100 Million in Podcasters to Compete with YouTube

OpenAI Addresses ChatGPT Bug Allowing Minors Access to Explicit Content

Deel Accepts Legal Service in Rippling Espionage Lawsuit Amidst Ongoing Dispute

Hugging Face Launches $100 3D-Printed Robotic Arm to Democratize AI Robotics

Generative AI Enhances Entry-Level Roles, Emphasizing Human-AI Collaboration

DeepSeek R2: China's AI Challenger to GPT-4o Set for Imminent Launch

AI Reshapes India's IT Hiring: Entry-Level Jobs Decline as Mid-Level Talent Demand Rises

Kaspersky Expands Indian Operations Amid Rising Cybersecurity Demand

Subscribe To Our Newsletter.