AI description
CVE-2025-55752 is a relative path traversal vulnerability affecting Apache Tomcat. It stems from a regression introduced while fixing a previous bug, where rewritten URLs were normalized before being decoded. For rewrite rules that copy query parameters into the URL, this lets an attacker manipulate the request URI, potentially bypassing security constraints and reaching protected directories such as /WEB-INF/ and /META-INF/. If PUT requests are also enabled, which is not a typical configuration, an attacker could use this flaw to upload malicious files, potentially leading to remote code execution (RCE). The vulnerability affects Apache Tomcat versions 11.0.0-M1 to 11.0.10, 10.1.0-M1 to 10.1.44, and 9.0.0.M11 to 9.0.108, as well as older, end-of-life versions.
- Description: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.6 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later, or 9.0.109 or later, which fix the issue.
- Source: security@apache.org
- NVD status: Awaiting Analysis
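The description above turns on the order of two operations: normalizing the rewritten URL and percent-decoding it. The following is an added, simplified model written for this page (it is not Tomcat's RewriteValve code, and the rewrite rule `/get?path=<value> -> /static/<value>`, the `dispatch` function and the sample inputs are constructed assumptions). It shows why normalizing before decoding lets an encoded `..` segment pass a /WEB-INF/ prefix check that a plain `..` would not, and why decoding first closes the gap.

```python
"""Simplified model, constructed for this page and not Tomcat's own code, of
the order-of-operations defect described for CVE-2025-55752: a rewritten URL
that is normalised *before* it is percent-decoded carries encoded ".."
segments through the normaliser untouched, so a later prefix check on
/WEB-INF/ and /META-INF/ never sees the traversal.  Decoding first fixes it."""
from urllib.parse import unquote
import posixpath

# Directories a servlet container must never serve directly to clients.
PROTECTED_PREFIXES = ("/WEB-INF/", "/META-INF/")


def normalize(path: str) -> str:
    """Collapse '.' and '..' segments.  posixpath.normpath drops '..' above
    the root, so "/static/../../x" becomes "/x"; a trailing '/' is kept.
    Tomcat's own normaliser differs in detail; this is a stand-in."""
    norm = posixpath.normpath(path)
    if path.endswith("/") and not norm.endswith("/"):
        norm += "/"
    return norm


def is_protected(path: str) -> bool:
    """Prefix check standing in for the container's security constraint.
    Case-insensitive, the conservative choice for a deny rule."""
    upper = path.upper()
    return any(upper.startswith(p) for p in PROTECTED_PREFIXES)


def rewrite(query_value: str) -> str:
    """Hypothetical rewrite rule: /get?path=<value> -> /static/<value>.
    The value is copied still percent-encoded, which is exactly what makes
    the decode/normalise ordering matter."""
    return "/static/" + query_value


def dispatch(rewritten: str, decode_first: bool):
    """Return (allowed, resolved_path).

    decode_first=False reproduces the regression: normalise, then decode.
    decode_first=True is the corrected order: decode, then normalise.
    `resolved` models the final resource lookup, which resolves '..' for
    real regardless of what the constraint check happened to see."""
    if decode_first:
        checked = normalize(unquote(rewritten))
    else:
        checked = unquote(normalize(rewritten))
    allowed = not is_protected(checked)
    resolved = normalize(checked)
    return allowed, resolved


def demo():
    """Run both orderings over a constructed encoded and plain traversal."""
    encoded = "%2e%2e/%2e%2e/WEB-INF/web.xml"   # constructed sample input
    plain = "../../WEB-INF/web.xml"             # constructed sample input
    return {
        "encoded/regression": dispatch(rewrite(encoded), decode_first=False),
        "encoded/fixed": dispatch(rewrite(encoded), decode_first=True),
        "plain/regression": dispatch(rewrite(plain), decode_first=False),
        "plain/fixed": dispatch(rewrite(plain), decode_first=True),
    }


if __name__ == "__main__":
    for case, (allowed, resolved) in demo().items():
        verdict = "ALLOWED" if allowed else "denied"
        print(f"{case:20s} check={verdict:8s} lookup resolves to {resolved}")
```

Only the `encoded/regression` case is allowed through: the normaliser saw `%2e%2e` segments rather than `..`, the prefix check saw a path under `/static/`, and the resource lookup still resolved to `/WEB-INF/web.xml`. The same test structure (feed encoded and plain traversal through the full request path, then compare what the constraint check saw with what the lookup resolved) is a cheap regression check for any rewrite or routing layer you maintain.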
CVSS 3.1
- Type: Secondary
- Base score: 7.5
- Impact score: 5.9
- Exploitability score: 1.6
- Vector string: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
- Weakness: CWE-23 (source: security@apache.org)
- Hype score: Not currently trending
🔎 On Criminal IP we analyzed the exposure of the critical Apache Tomcat vulnerabilities CVE-2025-55752 / 55754 / 61795. 🌐️ Current public Tomcat instances worldwide: 546,614 🇨🇳 China 162,658 · 🇺🇸 USA 67,945 · 🇧🇷 Brazil 37,461 · 🇰
@CriminalIP_KR
3 Nov 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 Apache Tomcat Urgent Alert — CVE-2025-55752 / 55754 / 61795 Current public #Tomcat instances worldwide: 546,614 🇨🇳 China 162,658 · 🇺🇸 USA 67,945 · 🇧🇷 Brazil 37,461 · 🇰🇷 South Korea 19,699 · 🇯🇵 Japan 10,613 ⚠️ Key ris
@CriminalIP_US
3 Nov 2025
62 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔎 On Criminal IP we analyzed the exposure status of the serious Apache Tomcat vulnerabilities (CVE-2025-55752 / 55754 / 61795). 🌐 Current public Tomcat instances (worldwide total): 546,614 🇨🇳 China 170,351 ・ 🇺🇸 USA 70,498 ・ 🇧🇷 Br
@CriminalIP_JP
3 Nov 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Apache Tomcat Dual CVEs: Directory Traversal to RCE (CVE-2025-55752/55754) Two new Tomcat bugs just dropped, affecting versions 9, 10, and 11. CVE-2025-55752 (rated Important) exploits directory traversal via rewritten URLs—bypasses protections for /WEB-INF/ and /META-INF
@the_c_protocol
30 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025.10.29 JVNVU#95235705 Multiple vulnerabilities in Apache Tomcat (CVE-2025-55752, CVE-2025-55754, CVE-2025-61795) - Japan Vulnerability Notes (JVN) https://t.co/pSqDQBIhMh
@kawn2020
30 Oct 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Consolidated JPCERT/CC | JVN: Multiple vulnerabilities in Apache Tomcat (CVE-2025-55752, CVE-2025-55754, CVE-2025-61795) https://t.co/gryJvIY4tA #itsec_jp
@itsec_jp
30 Oct 2025
109 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Memo for #後で読む (read later) → Multiple vulnerabilities in Apache Tomcat (CVE-2025-55752, CVE-2025-55754, CVE-2025-61795) https://t.co/P8g4OlhoMt
@TommiyTw
30 Oct 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[JVNVU#95235705] Multiple vulnerabilities in Apache Tomcat (CVE-2025-55752, CVE-2025-55754, CVE-2025-61795) https://t.co/x9f8GYA08p #jvn #脆弱性 #セキュリティ
@jpsecuritynews
30 Oct 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
JVNVU#95235705 Multiple vulnerabilities in Apache Tomcat (CVE-2025-55752, CVE-2025-55754, CVE-2025-61795) https://t.co/fm9OrZjLh5 These are addressed in an update, so if you use Tomcat, please update soon.
@Syynya
29 Oct 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Today’s cyber brief (Oct 29): 💠 MedImpact ransomware (Qilin) → prep PHI comms. 💠 DELMIA Apriso added to CISA KEV → patch & hunt. 💠 Tomcat CVE-2025-55752 (path traversal) → disable PUT + update. 💠 Chrome 0-day CVE-2025-2783 (Dante/LeetAgent) → force
@TrescudoCyber
29 Oct 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New Apache #Tomcat vuln CVE-2025-55752. A simple ?path=%2FWEB-INF%2Fweb.xml = exfiltration of protected files via RewriteValve. Cause: normalization before decoding; %2e%2e bypasses the checks. Impact: LFI → potential RCE if upload is available. Patch: 9.0.109 / 10.1.45 /
@CyberHebdo
29 Oct 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Apache Tomcat Patches 3 Vulns CVE-2025-55752: Bypass auth → HTTP PUT malicious upload = RCE (certain configs) CVE-2025-55754: ANSI escape hijack on Windows consoles CVE-2025-61795: Multipart upload crash = DoS ZoomEye Dork👉app="Apache Tomcat" 822.3k+ exposed on Zoom
@Endurance448146
29 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55752 - exploit poc for the Apache Tomcat Rewrite Valve Relative Path Traversal, no RCE (for now). Tried to fake it playing with the rewrite, relaxing it a lot, but after some passes was able to reproduce. https://t.co/cIkIZ7b7ug
@Endurance448146
29 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨Apache Tomcat Patches 3 Vulns CVE-2025-55752: Bypass auth → HTTP PUT malicious upload = RCE (certain configs) CVE-2025-55754: ANSI escape hijack on Windows consoles CVE-2025-61795: Multipart upload crash = DoS ZoomEye Dork👉app="Apache Tomcat" 822.3k+ exposed htt
@Endurance448146
29 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55752 Apache Tomcat possible RCE if PUT is enabled 🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡 This is like saying I can extract your data from the db if SQL queries are enabled https://t.co/UuDfK4eTt
@Endurance448146
29 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55752 - exploit poc for the Apache Tomcat Rewrite Valve Relative Path Traversal, no RCE (for now). It playing with the rewrite, relaxing it a lot, but after some passes was able to reproduce. https://t.co/1wgk88Vhni
@Endurance448146
29 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Published 2025/10/29 15:45] Multiple vulnerabilities in Apache Tomcat (CVE-2025-55752, CVE-2025-55754, CVE-2025-61795) https://t.co/Tpy7mJ7HOX
@jvnjp
29 Oct 2025
1975 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 #Apache Tomcat urgent security alert 🚨 CVE-2025-55752: RCE via HTTP PUT; CVE-2025-55754: ANSI console injection; CVE-2025-61795: multipart crash → DoS. Fixes for these have been pub
@CriminalIP_JP
29 Oct 2025
167 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Apache Tomcat Vulnerabilities Alert🚨 CVE-2025-55752 (Important): Directory Traversal Flaw→PUT upload→potential RCE CVE-2025-55754: Unescaped ANSI sequences→potential console or clipboard manipulation on Windows 📈558,000+ exposed Tomcat instances detec
@CriminalIP_US
29 Oct 2025
1139 Impressions
2 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 Apache Tomcat urgent security notice — CVE-2025-55752 (HTTP PUT → RCE, auth bypass) / CVE-2025-55754 (ANSI console injection) / CVE-2025-61795 (multipart crash → DoS) — patching recommended. Criminal IP search results (product:Tomcat): 558,728 externally exposed in
@CriminalIP_KR
29 Oct 2025
119 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55752, Apache Tomcat that allows directory traversal via URL rewrite, and under certain conditions, leads to remote code execution (RCE) if HTTP PUT is enabled. https://t.co/YJDCI05goA #security #Vulnerability #ApacheTomcat
@vaexdanny
28 Oct 2025
109 Impressions
0 Retweets
0 Likes
3 Bookmarks
0 Replies
0 Quotes
Tomcat servers just gained a new predator: my TOMCAT framework. This beast hunts for CVE-2025-55752 and CVE-2020-17530 traversal flaws then pushes straight through to RCE https://t.co/DJRVa2iXWI #exploit #hacker #cybersecurity #devsecops #Coding #payload https://t.co/MlPG5lQ
@anoncitylights
28 Oct 2025
271 Impressions
0 Retweets
7 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 Hunting Internet-Facing Apache Tomcat: Patch Prioritization. Apache Tomcat recently patched three critical vulnerabilit
@0x534c
28 Oct 2025
1519 Impressions
1 Retweet
25 Likes
13 Bookmarks
0 Replies
0 Quotes
CVE-2025-55752 - Apache Tomcat - Directory traversal via rewrite with possible RCE if PUT is enabled. Get ready, I think this vulnerability is going to split security Twitter in two. One camp will say "how can this be a bug, nonsense", and others will argue it is real. If you allow PUT
@luminaryxd
28 Oct 2025
2274 Impressions
1 Retweet
29 Likes
17 Bookmarks
2 Replies
0 Quotes
After maybe 3 months, the Tomcat team finally made my CVE-2025-55752 public now XXD https://t.co/kQw4KpkQrw #Tomcat #CVE #CVE_2025_55752
@rm_rf_chumy
28 Oct 2025
2822 Impressions
3 Retweets
30 Likes
6 Bookmarks
1 Reply
0 Quotes
CVE-2025-55752
@Fuck_algeroides
28 Oct 2025
132 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
URGENT PATCH ALERT: Critical RCE vulnerability (CVE-2025-55752) in Apache Tomcat allows attackers to bypass security and upload malicious files. If you're running versions 9.0.0-9.0.108, 10.1.0-10.1.44, or 11.0.0-11.0.10, update IMMEDIATELY. #Cybersecurity #ApacheTomcat https://t
@RoelofMol
28 Oct 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-55752 Apache Tomcat possible RCE if PUT is enabled 🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡 This is like saying I can extract your data from the db if SQL queries are enabled https://t.co/IVUOnIpYz
@h4x0r_dz
28 Oct 2025
96995 Impressions
60 Retweets
445 Likes
189 Bookmarks
10 Replies
4 Quotes
⚠️⚠️ CVE-2025-55752: High — URL-rewrite bypass in Apache Tomcat enabling RCE & console ANSI injection. Patch ASAP 🎯6.1m+ Results are found on the https://t.co/pb16tGXCUG nearly year. 🔗FOFA Link: https://t.co/GfMvWUMp4m FOFA Query: app="APACHE-Tomcat" 🔖Refer
@fofabot
28 Oct 2025
1682 Impressions
6 Retweets
23 Likes
9 Bookmarks
0 Replies
0 Quotes
🚨 Critical #ApacheTomcat flaws (CVE-2025-55752, CVE-2025-55754) could lead to remote code execution & log manipulation. Admins — patch NOW! 🔥 Read More: https://t.co/M5SktTWMFu #CyberSecurity #Apache #CVE202555752 #CVE202555754 #Canada #CanadaCyberAwareness https://
@FindSecCyber
28 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55752, -55754, -61795: Multiple vulnerabilities in Apache Tomcat, 5.3 - 9.6 rating 🔥 Three new vulnerabilities in Apache Tomcat allow attackers to perform DoS, RCE, and ANSI Injection. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/vdf2Sc1KSy https://t.co
@Netlas_io
28 Oct 2025
5361 Impressions
16 Retweets
59 Likes
31 Bookmarks
1 Reply
1 Quote
Remote code execution arising from directory traversal in Apache Tomcat (CVE-2025-55752). The Apache Software Foundation has, in Apache Tomcat, which is widely used for Java-based web applications, a serious vulnerability
@t_nihonmatsu
28 Oct 2025
271 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A serious vulnerability has been found in Apache Tomcat. On October 27 the Apache Software Foundation disclosed two issues, CVE-2025-55752, which could lead to RCE, and CVE-2025-55754, which allows console manipulation, and is calling for immediate updates.
@yousukezan
28 Oct 2025
2349 Impressions
4 Retweets
21 Likes
13 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-55752 : Apache Tomcat Patches URL Rewrite Bypass Risking RCE and Console ANSI Injection 📊8.2M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/Pf8A56rwao 👇Query HUNTER : https://t.co/q9rtuGfZuz="Apache Tomcat" ht
@HunterMapping
28 Oct 2025
4255 Impressions
21 Retweets
91 Likes
36 Bookmarks
2 Replies
0 Quotes
🚨🚨Apache Tomcat Patches 3 Vulns CVE-2025-55752: Bypass auth → HTTP PUT malicious upload = RCE (certain configs) CVE-2025-55754: ANSI escape hijack on Windows consoles CVE-2025-61795: Multipart upload crash = DoS ZoomEye Dork👉app="Apache Tomcat" 822.3k+ exposed on
@zoomeye_team
28 Oct 2025
18348 Impressions
68 Retweets
256 Likes
97 Bookmarks
0 Replies
2 Quotes
Apache Tomcat https://t.co/SmE0sSXxkn CVE-2025-55752: Directory traversal via rewrite with possible RCE if PUT is enabled CVE-2025-55754: Console manipulation via escape sequences in log messages CVE-2025-61795: DoS via delayed cleaning of multi-part upload temporary files
@oss_security
28 Oct 2025
1668 Impressions
3 Retweets
15 Likes
1 Bookmark
0 Replies
0 Quotes
Apache patched three flaws in Tomcat 9/10/11: CVE-2025-55752 risks RCE by bypassing security constraints. CVE-2025-55754 allows ANSI escape sequence injection in Windows logs. #ApacheTomcat #RCE #Cybersecurity #PatchNow https://t.co/maHhY400K0
@the_yellow_fall
28 Oct 2025
313 Impressions
2 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-55752 Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was deco… https://t.co/iAuKUfmKeX
@CVEnew
27 Oct 2025
270 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes