2 matches found
Exploit for Deserialization of Untrusted Data in Apache Tomcat
利用条件 + DefaultServlet 写入功能启用:需在 web.xml 中配置 readonly=false...
VulnCheck KEV: CVE-2025-24813
Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request...