Apache Tomcat: Important: Directory traversal via Rewrite Valve with possible remote code execution if PUT is enabled (CVE-2025-55752)

Severity: 9
CVSS: (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published: Oct 28, 2025
Added: Oct 28, 2025
Modified: Oct 30, 2025

Description

The fix for bug 60013 introduced a regression where the
rewritten URL was normalized before it was decoded. This introduced the
possibility that, for rewrite rules that rewrite query parameters to the
URL, an attacker could manipulate the request URI to bypass security
constraints including the protection for /WEB-INF/ and
/META-INF/. If PUT requests were also enabled then malicious
files could be uploaded leading to remote code execution. PUT requests
are normally limited to trusted users and it is considered unlikely that
PUT requests would be enabled in conjunction with a rewrite that
manipulated the URI.
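The root cause named above is an ordering defect: a rewritten path was normalized (dot segments collapsed, security constraints applied) before it was percent-decoded, so an encoded dot segment survives the check and only becomes a traversal afterwards. The following is an added illustration, not Tomcat's code; it models both orderings with Python's posixpath and urllib, a constructed rewrite that copies a query parameter into the path, and a simplified /WEB-INF/ and /META-INF/ constraint (Tomcat's real normalization and constraint matching are more involved).

```python
"""Model of the normalize-before-decode ordering defect described for CVE-2025-55752.

Added illustration only; this is not Tomcat's code. The rewrite rule, paths and
constraint check are constructed for the example.
"""
import posixpath
from urllib.parse import unquote

# Context-relative trees that must never be served directly (simplified check).
PROTECTED_PREFIXES = ("/WEB-INF/", "/META-INF/")


def is_protected(path: str) -> bool:
    """Security constraint: reject any canonical path inside a protected tree."""
    upper = path.upper()
    return any(upper.startswith(p) or upper == p.rstrip("/") for p in PROTECTED_PREFIXES)


def rewrite(param: str) -> str:
    """Constructed rewrite rule: '/files?name=<param>' becomes '/files/<param>'."""
    return "/files/" + param


def vulnerable_resolve(rewritten: str):
    """Regressed order: normalize, apply the constraint, THEN percent-decode.

    An encoded dot segment (%2e%2e) is not '..' yet when normpath runs, so it
    passes the constraint check; it becomes '..' after decoding, and the
    resource layer (modelled by the final normpath) then resolves it.
    Returns (allowed, path_that_would_be_opened).
    """
    canonical = posixpath.normpath(rewritten)
    if is_protected(canonical):
        return False, canonical
    decoded = unquote(canonical)
    return True, posixpath.normpath(decoded)


def fixed_resolve(rewritten: str):
    """Correct order: percent-decode first, then normalize, then check."""
    canonical = posixpath.normpath(unquote(rewritten))
    if is_protected(canonical):
        return False, canonical
    return True, canonical


if __name__ == "__main__":
    # Constructed inputs: a benign name, a literal traversal, an encoded one.
    for name in ("report.pdf", "../WEB-INF/web.xml", "%2e%2e/WEB-INF/web.xml"):
        path = rewrite(name)
        print(f"{path!r:40} vulnerable={vulnerable_resolve(path)} fixed={fixed_resolve(path)}")
```

Running the block shows that a literal `..` is caught by both orderings, while the encoded form is allowed only by the regressed one; the decode-then-normalize pipeline is the invariant to keep under a regression test whenever URL handling is touched.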

Solutions

apache-tomcat-upgrade-10_1_45
apache-tomcat-upgrade-11_0_11
apache-tomcat-upgrade-9_0_109