A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request.
https://www.bleepingcomputer.com/news/security/critical-rce-flaw-in-apache-tomcat-actively-exploited-in-attacks/
BleepingComputer
npub1pk…z6763
2025-03-17 13:29:23 UTC
Author Public Key
npub1pkrnqz97z2wckgmwglckccgg65eanvw3wpvuses7npqlvv6st06svz6763Published at
2025-03-17 13:29:23 UTCEvent JSON
{
"id": "d6ab036ae6d02cbb4418f8c5a0c8d4da6c4bd7ee71c0d9b2068b36ad614f5df5",
"pubkey": "0d873008be129d8b236e47f16c6108d533d9b1d17059c8661e9841f633505bf5",
"created_at": 1742218163,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@BleepingComputer/114178009589474664",
"web"
],
[
"proxy",
"https://infosec.exchange/users/BleepingComputer/statuses/114178009589474664",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/BleepingComputer/statuses/114178009589474664",
"pink.momostr"
],
[
"-"
]
],
"content": "A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request.\n\nhttps://www.bleepingcomputer.com/news/security/critical-rce-flaw-in-apache-tomcat-actively-exploited-in-attacks/",
"sig": "fe6093f2df5f68afad50d60e024484233dd2135f1f387b9783d5118c7eb8ac02de251f9f6572230523faa5dcaf2d3ded882a27ec314cb5cc9714493297c863e7"
}