VDB
GCVE-110-OSM-2020-4
GCVE-110-OSM-2020-4
Advisory PublishedCVSS 9.6/10
Brandjacking attack impersonating legitimate servlet API components from Apache, Eclipse Jetty, and Tomcat. Contains reverse TCP shell backdoor targeting Java web applications.
Malicious code in doGet() method of HttpServlet.class. Uses base64 encoding to obfuscate C2 server IP and port. Opens reverse TCP shell to 45.87.122.54:8888 on every HTTP GET request serviced by the web application. Gives attackers interactive shell access with same privileges as the backdoored application. SHA1: c018607d8597ba2b9e64561518b9dfbb65ff9f2b
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | servlet-api | 3.2.0 (affected) | — |
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.