VDB
CNVD-2020-34449
CNVD-2020-34449
PUBLISHED
Apache Tomcat是美国阿帕奇(Apache)软件基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat中存在安全漏洞。攻击者可通过控制服务器上文件的内容和名称等方法利用该漏洞执行代码。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache Tomcat >=9.0.0.0.M1,<=9.0.34 | ||
| Apache Tomcat >=10.0.0-M1,<=10.0.0-M4 | ||
| Apache Tomcat >=7.0.0,<=7.0.103 | ||
| Apache Tomcat >=8.5.0,<=8.5.54 |
Exploit Intelligence
- AssassinUKG/CVE-2020-9484 (github-poc-repo)
- POC for CVE-2020-9484 (github-poc-repo)
- DXY0411/CVE-2020-9484 (github-poc-repo)
- Apache Tomcat RCE (CVE-2020-9484) (github-poc-repo)
- masahiro331/CVE-2020-9484 (github-poc-repo)
- POC - Apache Tomcat Deserialization Vulnerability (CVE-2020-9484) (github-poc-repo)
- PenTestical/CVE-2020-9484 (github-poc-repo)
- Exploit for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE (github-poc-repo)
- Remake of CVE-2020-9484 by Pentestical (github-poc-repo)
- Bash POC for CVE-2020-9484 that i used in tryhackme challenge (github-poc-repo)
…and 22 more exploits
Timeline
- May 21, 2020 CVE ID Reserved
- Jun 23, 2020 CVE Published