- Security outfit Wallarm spotted a PoC in the wild
- The method abuses a deserialization flaw in Apache Tomcat
- It allows attackers to fully take over vulnerable endpoints
A deserialization vulnerability on Apache Tomcat servers is being abused in the wild to completely take over affected endpoints, security researchers are warning.
Wallarm has revealed it saw a Chinese forum user, alias iSee857, share a proof-of-concept (PoC) for a flaw tracked as CVE-2025-24813, warning threat actors only need one PUT API request to take over the vulnerable server. The request is used to upload a malicious serialized Java session, which then allows the attacker to trigger deserialization by referencing the malicious session ID in a GET request.
“Tomcat, seeing this session ID, retrieves the stored file, deserializes it, and executes the embedded Java code, granting full remote access to the attacker,” Wallarm explained.
Dead simple
The researchers added that the attack is “dead simple” to execute, and requires no authentication. The only requirement is that Tomcat is using file-based session storage which, according to the researchers, is “common in many deployments”. Furthermore, base64 encoding means the attack will bypass most traditional security filters.
Most web application firewalls (WAF) “completely miss” this attack, Wallarm further warned, since the PUT request looks normal, the payload is base64-encoded, the attack is two-step, where the harmful only happens in the second step, and since most WAFs don’t deeply inspect uploaded files.
“This means that by the time an organization detects the breach in its logs, it’s already too late.”
The worst part, Wallarm concluded, is that “this is just the first wave,” as it expects threat actors to start uploading malicious JSP files, modifying configurations, and planting backdoors outside session storage.
It was not yet assigned a severity score, and as per the NVD, it affects Apache Tomcat from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, and from 9.0.0.M1 through 9.0.98.
Users are advised to upgrade to version 11.0.3, 10.1.35 or 9.0.98, which fixes the issue.
Leave a comment