Apache

A critical path equivalence vulnerability in Apache Tomcat, designated CVE-2025-24813, has been actively exploited in the wild following the public release of proof-of-concept exploit code. The vulnerability, disclosed on March 10, 2025, enables unauthenticated remote code execution under specific server configurations and affects millions of Java-based web applications worldwide. Security researchers have confirmed active exploitation attempts shortly after the vulnerability’s disclosure, with the Cybersecurity and Infrastructure Security Agency (CISA) adding it to the Known Exploited Vulnerabilities catalog on April 1, 2025.

Source: https://cybersecuritynews.com/apache-tomcat-vulnerability-poc-released/

TPRM report: https://scoringcyber.rankiteo.com/company/apache-corporation

Record metadata:

{
  "id": "apa136052625",
  "linkid": "apache-corporation",
  "type": "Vulnerability",
  "date": "5/2025",
  "severity": "25",
  "impact": "1",
  "explanation": "Attack without any consequences"
}

Incident details:

{
  "affected_entities": [
    {"industry": "Various", "location": "Worldwide", "type": "Web Application"}
  ],
  "attack_vector": "Remote Code Execution (RCE)",
  "date_detected": "2025-03-10",
  "date_publicly_disclosed": "2025-03-10",
  "description": "A critical path equivalence vulnerability in Apache Tomcat, designated CVE-2025-24813, has been actively exploited in the wild following the public release of proof-of-concept exploit code. The vulnerability, disclosed on March 10, 2025, enables unauthenticated remote code execution under specific server configurations and affects millions of Java-based web applications worldwide. Security researchers have confirmed active exploitation attempts shortly after the vulnerability’s disclosure, with the Cybersecurity and Infrastructure Security Agency (CISA) adding it to the Known Exploited Vulnerabilities catalog on April 1, 2025.",
  "impact": {"systems_affected": "Millions of Java-based web applications worldwide"},
  "post_incident_analysis": {
    "corrective_actions": "Upgrade to patched versions, disable unnecessary HTTP methods, enforce strict access controls, deploy WAFs.",
    "root_causes": "Improper handling of HTTP requests that permit unauthorized access to restricted directories and sensitive files."
  },
  "recommendations": "Immediately upgrade to patched versions: Apache Tomcat 11.0.3, 10.1.35, or 9.0.99. Disable unnecessary HTTP methods, enforce strict access controls, and deploy Web Application Firewalls (WAFs) with specific rules to detect CVE-2025-24813 exploitation attempts.",
  "references": [
    {"date_accessed": "2025-04-01", "source": "Cybersecurity and Infrastructure Security Agency (CISA)"}
  ],
  "response": {
    "containment_measures": "Upgrade to patched versions: Apache Tomcat 11.0.3, 10.1.35, or 9.0.99",
    "remediation_measures": "Disable unnecessary HTTP methods, enforce strict access controls, deploy Web Application Firewalls (WAFs)"
  },
  "title": "CVE-2025-24813: Apache Tomcat Path Equivalence Vulnerability",
  "type": "Vulnerability Exploitation",
  "vulnerability_exploited": "CVE-2025-24813"
}