By: RedLegg's Cyber Threat Intelligence Team
About:
RedLegg will occasionally communicate vulnerabilities disclosed outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES
Apache Tomcat Path Equivalence Vulnerability
CVSS Score: 5.5 (Medium)
Identifier: CVE-2025-24813
Exploit or POC: Yes, active exploitation has been observed in the wild.
Update: CVE-2025-24813 – Apache Security Advisory
Description: CVE-2025-24813 is a path equivalence vulnerability in Apache Tomcat versions 9.0.0.M1 through 9.0.98, 10.1.0-M1 through 10.1.34, and 11.0.0-M1 through 11.0.2. This flaw arises when the default servlet has write permissions enabled (disabled by default) and partial PUT requests are supported (enabled by default). Under these conditions, a malicious user could exploit the vulnerability to view sensitive files, inject content, or, in specific scenarios, achieve remote code execution.
Mitigation Recommendation: Patching is currently the only method of mitigation. Apache has released updates to address this vulnerability. Administrators are advised to update to Apache Tomcat versions 9.0.99, 10.1.35, or 11.0.3, as specified in the Apache Security Advisory. Immediate patching is recommended to prevent potential exploitation.
Note: Given the potential severity of this vulnerability, it is imperative to apply the recommended patches promptly to secure your systems.
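As an added check (example code written for this bulletin, not from RedLegg or the Apache project), the script below evaluates the three conditions named in the description against a Tomcat version string and a conf/web.xml: an affected version, write support on the default servlet, and partial PUT support. It assumes the default servlet's init-params are named `readonly` and `allowPartialPut`, as documented for Tomcat's DefaultServlet; the web.xml fragment is constructed for the example.

```python
import re
import xml.etree.ElementTree as ET

# Branch (major, minor) -> first fixed patch level, as listed in the bulletin.
FIXED_RELEASES = {(9, 0): 99, (10, 1): 35, (11, 0): 3}

def parse_version(v):
    """Parse '9.0.98', '9.0.0.M1' or '10.1.0-M1' into (major, minor, patch, milestone)."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?", v.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {v!r}")
    major, minor, patch, ms = m.groups()
    return int(major), int(minor), int(patch), (int(ms) if ms else None)

def is_affected_version(v):
    """True if v is any build (milestones included) of a listed branch below its fixed release."""
    major, minor, patch, _ = parse_version(v)
    fixed = FIXED_RELEASES.get((major, minor))
    return fixed is not None and patch < fixed   # branches not in the bulletin are not assessed

def default_servlet_params(web_xml_text):
    """Return the init-params of the DefaultServlet entry in web.xml (namespace-agnostic)."""
    local = lambda el: el.tag.rsplit("}", 1)[-1]
    for servlet in ET.fromstring(web_xml_text).iter():
        if local(servlet) != "servlet":
            continue
        cls = next((c.text or "" for c in servlet if local(c) == "servlet-class"), "")
        if cls.strip().endswith(".DefaultServlet"):
            params = {}
            for ip in (c for c in servlet if local(c) == "init-param"):
                kv = {local(c): (c.text or "").strip() for c in ip}
                params[kv.get("param-name")] = kv.get("param-value")
            return params
    return {}

def exposure(web_xml_text, version):
    params = default_servlet_params(web_xml_text)
    write_enabled = (params.get("readonly") or "true").lower() == "false"       # default: read-only
    partial_put = (params.get("allowPartialPut") or "true").lower() != "false"  # default: allowed
    affected = is_affected_version(version)
    return {"affected_version": affected, "write_enabled": write_enabled,
            "partial_put": partial_put, "exposed": affected and write_enabled and partial_put}

# Constructed sample: a conf/web.xml fragment where write support has been switched on.
VULNERABLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <servlet><servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet></web-app>"""
print(exposure(VULNERABLE_WEB_XML, "9.0.98"))
```

A system on an affected version with `readonly` left at its default is reported as not exposed, which matches the bulletin's conditions; patching to the fixed releases clears the version condition regardless of configuration.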