Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat CVE-2025-24813

Name: Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat CVE-2025-24813
Rating: 5 (84 reviews)
2025-04-12 | CVSS 9.8
## https://sploitus.com/exploit?id=BE527AA2-05A6-54A7-B65E-CA65C5804EF5
## CVE-2025-24813 Scanner

A multi-threaded vulnerability scanner to detect Apache Tomcat servers vulnerable to CVE-2025-24813 (arbitrary file upload leading to RCE).

![Python Version](https://img.shields.io/badge/python-3.6%2B-blue)
![License](https://img.shields.io/badge/license-MIT-green)

## Description

This scanner checks for Apache Tomcat servers vulnerable to CVE-2025-24813 by:
1. Attempting to upload a serialized Java object via HTTP PUT
2. Verifying if the uploaded file can be executed via jsessionid parameter

Features:
- Multi-threaded scanning (adjustable thread count)
- CSV input/output support
- Color-coded terminal output
- Detailed vulnerability verification
- Graceful interruption handling

## Installation

```bash
git clone https://github.com/mattb709/CVE-2025-24813-Scanner.git
cd CVE-2025-24813-Scanner
pip install -r requirements.txt
```

## Usage

### Basic Scan
```bash
python CVE-2025-24813-Scanner.py -f targets.csv
```

### Full Options
```bash
python CVE-2025-24813-Scanner.py \
  -f targets.csv \          # Input CSV with host,ip,port columns
  -o vulnerable_hosts.csv \ # Save vulnerable targets
  -t 10 \                   # Use 10 threads
```

### Example Scenarios

1. Quick scan with default settings:
```bash
python CVE-2025-24813-Scanner.py -f network_hosts.csv
```

2. Comprehensive scan with output:
```bash
python CVE-2025-24813-Scanner.py -f production.csv -o results.csv -t 15
```

## Sample Output

```plaintext
[*] Apache Tomcat CVE-2025-24813 Scanner

[*] Scanning https://example.com:8443...
[+] https://example.com:8443 is vulnerable to CVE-2025-24813!

[*] Scanning http://testserver:8080...
[-] http://testserver:8080 is not vulnerable (PUT failed: 401).

[*] Scanning http://192.168.1.15:8080...
[!] http://192.168.1.15:8080 allows PUT but no RCE (GET: 404).

[*] Scan Complete
[+] Vulnerable: 1
[-] Not Vulnerable: 2
[+] Vulnerable IPs:
    https://example.com:8443
```

## Requirements

- Python 3.6+
- Packages:
  - `requests>=2.25.1`
  - `pandas>=1.2.0`
  - `colorama>=0.4.4`

## License

MIT License - See [LICENSE](LICENSE) for details.

## Disclaimer

This tool is for authorized security testing and educational purposes only. Never scan systems without explicit permission. The author accepts no liability for misuse of this software.