Security News > 2025 > March > Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?

2025-03-19 16:30

By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat's session storage and gain control.

News URL

https://www.techrepublic.com/article/news-apache-tomcat-vulnerability/

#apache #critical #exploit #security #tomcat

Related news

Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apache		284	13	567	729	383	1692

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.