ALAS2TOMCAT9-2025-023 — Vulnetix

ALAS2TOMCAT9-2025-023 PUBLISHED

Affected Products

Vendor	Product	Versions
Amazon	tomcat

Exploit Intelligence

基于 Docker 的重现环境，用于复现 Apache Tomcat 10.1.44 中的路径遍历漏洞 CVE-2025-55752。本实验场景可以复现官网报道的RCE (github-poc)
Jimmy01240397/CVE-2025-55752 (github-poc-repo)
Jimmy01240397/CVE-2025-55752 (github-poc)
LFIModule.java (github-poc)
JsonHelperTest.java (github-poc)

Timeline

Nov 10, 2025 CVE Published

References

ALAS2TOMCAT9-2025-023: tomcat (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›