Exploit Apache Tomcat remote code execution vulnerability (CVE-2017-12615)

by do son · Published September 20, 2017 · Updated October 10, 2021

CVE-2017-7674 Apache Tomcat Remote Code Execution via JSP Upload

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 7.0.0 to 7.0.79

Description:
When running on Windows with HTTP PUTs enabled (e.g. via setting the
readonly initialisation parameter of the Default to false) it was
possible to upload a JSP file to the server via a specially crafted
request. This JSP could then be requested and any code it contained
would be executed by the server.

Mitigation:
Users of the affected versions should apply one of the following
mitigations:
– Upgrade to Apache Tomcat 7.0.81 or later (7.0.80 was not released)

Exploit

Requirement

jsp shell
poster

Demo

Reference:

http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3Cde541c4a-55b1-a4d3-4fbe-f8e3800b920f@apache.org%3E
https://blog.netspi.com/hacking-with-jsp-shells/

Exploit Apache Tomcat remote code execution vulnerability (CVE-2017-12615)

Search

Brilliantly

Content & Links