ALAS-2020-1353 — Vulnetix

ALAS-2020-1353 PUBLISHED

Affected Products

Vendor	Product	Versions
Amazon	tomcat8

Exploit Intelligence

Tomcat AJP文件读取/包含漏洞 (github-poc)
Tomcat AJP文件读取/包含漏洞 (github-poc-repo)
Modified version of auxiliary/admin/http/tomcat_ghostcat, it can Read any file (github-poc-repo)
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340 (github-poc-repo)
streghstreek/CVE-2020-1938 (github-poc-repo)
Scanner for CVE-2020-1938 (github-poc-repo)
An implementation of CVE-2020-1938 (github-poc-repo)
Cnvd-2020-10487 / cve-2020-1938, scanner tool (github-poc-repo)
This is a modified version of the original GhostCat Exploit (github-poc-repo)
Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取/包含 (github-poc-repo)

…and 59 more exploits

Timeline

Mar 9, 2020 CVE Published

References

ALAS-2020-1353: tomcat8 (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›