A newly disclosed Remote Code Execution (RCE) vulnerability in Apache Tomcat (CVE-2025-24813) can already be exploited!
A newly disclosed Remote Code Execution (RCE) vulnerability in Apache Tomcat (CVE-2025-24813) can already be exploited!
The PoC code is available on GitHub.
Why is this really important?
Because no authentication is required!
What's next?
Let's upgrade your Tomcat to the vulnerability-free version.
The list of affected versions is available on the CVE registry.