Exploit Apache Tomcat remote code execution vulnerability (CVE-2017-12615)

by do son · Published · Updated

CVE-2017-7674 Apache Tomcat Remote Code Execution via JSP Upload

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 7.0.0 to 7.0.79

Description:
When running on Windows with HTTP PUTs enabled (e.g. via setting the
readonly initialisation parameter of the Default to false) it was
possible to upload a JSP file to the server via a specially crafted
request. This JSP could then be requested and any code it contained
would be executed by the server.

Mitigation:
Users of the affected versions should apply one of the following
mitigations:
– Upgrade to Apache Tomcat 7.0.81 or later (7.0.80 was not released)

Exploit

Requirement

Demo

Reference:

  • http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3Cde541c4a-55b1-a4d3-4fbe-f8e3800b920f@apache.org%3E
  • https://blog.netspi.com/hacking-with-jsp-shells/

Tags: apache TomcatCVE-2017-12615