Exploit for #VU25502 Path traversal in Apache Tomcat

Vulnerability identifier: #VU25502

Vulnerability risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2020-1938

CWE-ID: CWE-22

Exploitation vector: Network

Exploits in database: 36

• February 22, 2023
  • AttackTomcat (Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取/包含) [Github]
• August 21, 2022
  • CVE-2020-1938 (This is a modified version of the original GhostCat Exploit) [Github]
• August 15, 2021
  • ghostcat (An implementation of CVE-2020-1938) [Github]
• July 25, 2021
  • CVE_2020_1938 () [Github]
• July 12, 2021
  • CVE-2020-1938 (Scanner for CVE-2020-1938) [Github]
• April 28, 2021
  • CVE-2020-1938 () [Github]
• April 1, 2021
  • CVE-2020-1938-Tool (批量检测幽灵猫漏洞) [Github]
• March 30, 2021
  • Hacking-Vulnerability-CVE-2020-1938-Ghostcat () [Github]
• February 1, 2021
  • CVE-2020-1938-MSF-MODULE (Modified version of auxiliary/admin/http/tomcat_ghostcat, it can Read any file) [Github]
• December 3, 2020
  • Ghostcat [Metasploit]
• July 20, 2020
  • ghostcatch (Disables AJP connectors to remediate CVE-2020-1938!) [Github]
  • []
• July 15, 2020
  • CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner (Cnvd-2020-10487 / cve-2020-1938, scanner tool) [Github]
• June 3, 2020
  • CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner (Cnvd-2020-10487 / cve-2020-1938, scanner tool) [Github]
  • GhostCat-LFI-exp (CVE-2020-1938) [Github]
  • CVE-2020-1938 (This is about CVE-2020-1938) [Github]
  • CVE-2020-1938-Tool (批量检测幽灵猫漏洞) [Github]
  • CNVD-2020-10487 (CVE-2020-1938 / CNVD-2020-1048 Detection Tools) [Github]
  • CVE-2020-1938TomcatAjpScanner (批量扫描TomcatAJP漏洞) [Github]
  • CVE-2020-1938-Tomact-file_include-file_read (Tomcat的文件包含及文件读取漏洞利用POC) [Github]
  • CVE-2020-1938 (在一定条件下可执行命令) [Github]
  • CVE-2020-1938 () [Github]
  • CVE-2020-1938 (CVE-2020-1938漏洞复现) [Github]
• May 12, 2020
  • Ghostcat (CVE-2020-1938 exploit) [Github]
• April 7, 2020
  • exphub (Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340) [Github]
• March 18, 2020
  • CVE-2020-1938 () [Github]
  • CNVD-2020-10487-Bulk-verification (CNVD-2020-10487 OR CVE-2020-1938 批量验证脚本，批量验证，并自动截图，方便提交及复核) [Github]
  • CNVD-2020-10487-Tomcat-ajp-POC (CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc) [Github]
  • CVE-2020-1938 (CVE-2020-1938) [Github]
  • tomcat-cve-2020-1938-check () [Github]
  • Ghostcat-CNVD-2020-10487 (Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938) ) [Github]
  • CVE_2020_1938_ajp_poc (CVE_2020_1938_ajp_poc) [Github]
  • ghostcat-verification (Learnings on how to verify if vulnerable to Ghostcat (aka CVE-2020-1938)) [Github]
  • Ghostcat-CVE-2020-1938 (Test Explo for Ghostcat CVE-2020-1938) [Github]
  • CVE-2020-1938 () [Github]
  • CVE-2020-1938-Clean-Version (CVE-2020-1938(GhostCat) clean and readable code version) [Github]

Vulnerable software:
Apache Tomcat
Server applications / Web servers

Vendor: Apache Foundation