Apache Tomcat Exploit Poised to Pounce, Stealing Files (Security News, March 2020)
A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept exploit making an appearance on GitHub.
The Apache Tomcat open-source web server supports various JavaScript-based technologies, including the Apache JServ Protocol interface, which is where the vulnerability resides.
In a default Tomcat installation on Windows 10, Tomcat's AJP port (8009) is exposed, allowing outside users to interact with and gain access to the Tomcat server itself.
"Through the AJP connector, an attacker can retrieve arbitrary files from Tomcat's web root, including the files residing within the 'WEB-INF' and 'META-INF' directories through the ServletContext.getResourceAsStream() function," according to the Flashpoint posting.
"Additionally, arbitrary files within the web application on the vulnerable Tomcat server can be processed as a JSP page through the AJP connector."
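As an added example (not part of the article, and not Tomcat's own tooling), the following audit reads a Tomcat `server.xml` and flags the exposure the article describes: an AJP connector that listens on every interface with no shared secret. The sample `server.xml` is constructed; the `address`, `secretRequired` and `secret` attributes are real Tomcat AJP connector attributes.

```python
# Added example (not from the article): audit a Tomcat server.xml for AJP
# connectors reachable from outside the host. The article's point is that a
# default install exposes AJP on 8009; the defensive check is whether each
# <Connector protocol="AJP/1.3"> is bound to loopback and requires a shared
# secret. The sample XML below is constructed for this example.
import xml.etree.ElementTree as ET

# Constructed sample: the first AJP connector is what the article describes
# (port 8009, listening on every interface, no secret); the second is hardened.
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    <Connector port="8010" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="REPLACE-WITH-RANDOM-SECRET"/>
  </Service>
</Server>
"""

LOOPBACK_ADDRESSES = {"127.0.0.1", "::1", "localhost"}


def audit_ajp_connectors(server_xml: str) -> list:
    """Return one finding per AJP connector: {'port': ..., 'issues': [...]}.

    An empty 'issues' list means the connector is loopback-bound and
    secret-protected. If AJP is not used at all, removing or commenting out
    the connector is the simpler fix.
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        if not conn.get("protocol", "").upper().startswith("AJP"):
            continue  # HTTP connectors are not the subject of this check
        issues = []
        # With no address attribute Tomcat binds the connector to all interfaces.
        address = conn.get("address")
        if address is None or address not in LOOPBACK_ADDRESSES:
            issues.append("bound to a non-loopback address")
        # Without a shared secret any client that can reach the port can speak
        # AJP to Tomcat; secretRequired="false" explicitly disables the check.
        if conn.get("secretRequired", "").lower() == "false" or not conn.get("secret"):
            issues.append("no AJP shared secret configured")
        findings.append({"port": conn.get("port"), "issues": issues})
    return findings


if __name__ == "__main__":
    for finding in audit_ajp_connectors(SAMPLE_SERVER_XML):
        state = ", ".join(finding["issues"]) or "ok"
        print(f"AJP connector on port {finding['port']}: {state}")
```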