A rapidly exploited vulnerability with a major blast radius
A recently disclosed vulnerability in Apache Tomcat, CVE-2025-24813, is drawing significant attention because it is easy to exploit, attackers adopted it rapidly, and Tomcat is widely used across enterprise environments. The vulnerability combines path traversal issues with deserialization flaws, potentially allowing remote code execution (RCE) or the exfiltration of sensitive data.
*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Aaron Linskens. Read the original post at: https://www.sonatype.com/blog/apache-tomcat-vulnerability-widespread-exploitation-and-key-insights-from-sonatype