Tomcat PUT to active abuse as Apache deals with critical RCE flaw


The affected versions are Apache Tomcat 11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, and 9.0.0-M1 to 9.0.98. The respective fixed versions are 11.0.3 or later, 10.1.35 or later, and 9.0.99 or later.
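An added example, not code from the article or from the Apache Tomcat project, that checks a version inventory against the affected ranges listed above; the host names and versions in SAMPLE_INVENTORY are constructed sample data. Milestone builds (M1, M2, ...) sort before the GA release of the same number, which is what makes the range boundaries come out right.

```python
import re
from typing import Optional, Tuple

# Affected ranges as stated in the article (inclusive), with the fixed release per branch.
AFFECTED = [
    ("11.0.0-M1", "11.0.2", "11.0.3"),
    ("10.1.0-M1", "10.1.34", "10.1.35"),
    ("9.0.0-M1", "9.0.98", "9.0.99"),
]

# Accepts "9.0.98", "11.0.0-M1" and the "9.0.0 M1" spelling with a space.
_VER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[-\s]M(\d+))?$")


def parse_version(v: str) -> Tuple[int, int, int, int, int]:
    """Parse 'major.minor.patch[-Mn]' into a sortable tuple.
    Field 4 is 0 for a milestone and 1 for GA, so M1 < M2 < GA of the same number."""
    m = _VER.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {v!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


def is_affected(version: str) -> Optional[str]:
    """Return the fixed version to upgrade to if `version` lies in an affected range.
    Returns None for fixed releases and for branches the article does not list;
    treat the latter as 'not covered', not as 'safe'."""
    v = parse_version(version)
    for low, high, fixed in AFFECTED:
        if parse_version(low) <= v <= parse_version(high):
            return fixed
    return None


def triage(inventory: dict) -> dict:
    """Map host -> required fixed version for every host on an affected build."""
    return {host: fix for host, ver in inventory.items() if (fix := is_affected(ver))}


# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = {
    "web-01": "9.0.98",      # last affected 9.0.x release
    "web-02": "10.1.35",     # already fixed
    "web-03": "11.0.0-M1",   # first affected 11.x milestone
    "web-04": "9.0.99",      # already fixed
}

if __name__ == "__main__":
    for host, fix in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: upgrade to {fix} or later")
```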

Wallarm detected the first attack coming from Poland on March 12, a few days before the first public exploit was released on GitHub.

“While this exploit abuses session storage, the bigger issue is partial PUT handling in Tomcat, which allows uploading practically any file anywhere,” Wallarm said in the blog. “Attackers will soon start shifting their tactics, uploading malicious JSP files, modifying configurations, and planting backdoors outside session storage.”
