Exploit for #VU28158 Deserialization of Untrusted Data in Apache Tomcat

Cybersecurity Help s.r.o.

Published: 2020-06-03 | Updated: 2024-09-27

Vulnerability identifier: #VU28158

Vulnerability risk: High

CVSSv4.0: 8.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2020-9484

CWE-ID: CWE-502

Exploitation vector: Network

Exploits in database: 21

September 27, 2024
- CVE-2020-9484 (Remake of CVE-2020-9484 by Pentestical) [Github]
February 21, 2023
- CVE-2020-9484_Exploit (Exploit for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE) [Github]
November 14, 2022
- CVE-2020-9484_Exploit (Exploit for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE) [Github]
February 13, 2022
- CVE-2020-9484 (POC - Apache Tomcat Deserialization Vulnerability (CVE-2020-9484)) [Github]
December 7, 2021
- CVE-2020-9484-Scanner (A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ) [Github]
October 27, 2021
- -CVE-2020-9484 (Apache Tomcat RCE (CVE-2020-9484)) [Github]
May 18, 2021
- CVE-2020-9484 (Apache Tomcat RCE (CVE-2020-9484)) [Github]
March 1, 2021
- CVE-2020-9484 () [Github]
February 11, 2021
- CVE-2020-9484 (POC for CVE-2020-9484) [Github]
January 28, 2021
- CVE-2020-9484-exploit () [Github]
- CVE-2020-9484 () [Github]
January 18, 2021
- -CVE-2020-9484 (Apache Tomcat RCE (CVE-2020-9484)) [Github]
January 3, 2021
- CVE-2020-9484 () [Github]
June 19, 2020
- CVE-2020-9484 (for Ubuntu 18.04, improve functions.) [Github]
June 10, 2020
- []
- CVE-2020-9484-Scanner (A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ) [Github]
June 4, 2020
- Apache Tomcat CVE-2020-9484 Proof Of Concept [Packet Storm]
June 3, 2020

Vulnerable software:
Apache Tomcat
Server applications / Web servers

Vendor: Apache Foundation