{"author_name":"tanigawa","type":"rich","description":"\u3010\u8a33\u3011\u653b\u6483\u306b\u60aa\u7528\u3055\u308c\u308bApache Tomcat\u306eRCE\u306b\u95a2\u3059\u308b\u91cd\u5927\u306a\u6b20\u9665 \u3010\u8106\u5f31\u6027\u5185\u5bb9\u3011 \u516c\u958b\u65e5 \u767b\u9332\u65e5 CVE\u756a\u53f7 NVD \u30d9\u30f3\u30c0\u30fc CVSS v3 CWE \u8106\u5f31\u6027 KEV \u5099\u8003 2025/03/10 2025/01/24 CVE-2025-24813 NVD Apache 9.8(NVD)9.8(CISA-ADP) CWE-44CWE-502 \u30d1\u30b9\u306e\u7b49\u4fa1\u6027: 'file.name' (\u5185\u90e8\u30c9\u30c3\u30c8)\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u30c7\u30b7\u30ea\u30a2\u30e9\u30a4\u30bc\u30fc\u30b7\u30e7\u30f3 2025/04/01 Apache Tomcat, PoC \u5b58\u5728 \u3010\u8981\u7d04\u3011 Apache Tomcat\u306e\u91cd\u5927\u306a\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\uff08RCE\uff09\u8106\u5f31\u6027\uff08CV\u2026","provider_name":"Hatena Blog","height":"190","author_url":"https://blog.hatena.ne.jp/tanigawa/","width":"100%","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fvul.hatenadiary.com%2Fentry%2F2025%2F03%2F17%2F000000\" title=\"Critical RCE flaw in Apache Tomcat actively exploited in attacks - TT \u8106\u5f31\u6027 Blog\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","blog_url":"https://vul.hatenadiary.com/","published":"2025-03-17 00:00:00","blog_title":"TT \u8106\u5f31\u6027 Blog","version":"1.0","url":"https://vul.hatenadiary.com/entry/2025/03/17/000000","provider_url":"https://hatena.blog","title":"Critical RCE flaw in Apache Tomcat actively exploited in attacks","categories":["\u30a2\u30d7\u30ea: Apache Tomcat","CVE-2025-24813 (Apache Tomcat)","RCE\u8106\u5f31\u6027","CWE-502","\u8106\u5f31\u6027: \u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u30c7\u30b7\u30ea\u30a2\u30e9\u30a4\u30bc\u30fc\u30b7\u30e7\u30f3 / CWE-502"],"image_url":null}