Security News > 2025 > March > Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?

2025-03-19 16:30

By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat's session storage and gain control.

News URL

https://www.techrepublic.com/article/news-apache-tomcat-vulnerability/

#apache #critical #exploit #security #tomcat

Related news

Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure (source)
'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild' (source)
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apache		283	13	567	727	382	1689

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.