absholi7ly / POC-CVE-2025-24813
his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
☆105Updated last month
Alternatives and similar repositories for POC-CVE-2025-24813:
Users that are interested in POC-CVE-2025-24813 are comparing it to the libraries listed below
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆235Updated 3 weeks ago
- Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-3847…☆88Updated 6 months ago
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit☆73Updated 7 months ago
- ☆153Updated 9 months ago
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆118Updated last year
- POC for CVE-2021-41091☆65Updated last year
- CVE-2024-3400 Palo Alto OS Command Injection☆156Updated last year
- ☆58Updated last year
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆75Updated 10 months ago
- A cheatsheet for NetExec☆115Updated 2 months ago
- CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web …☆82Updated 8 months ago
- exploit for f5-big-ip RCE cve-2023-46747☆203Updated 5 months ago
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.☆121Updated 9 months ago
- ☆100Updated last year
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆64Updated 6 months ago
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆90Updated last year
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆230Updated last year
- tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp☆83Updated 3 months ago
- JetBrains TeamCity Authentication Bypass CVE-2023-42793 Exploit☆43Updated 10 months ago
- Apache Tomcat 远程代码执行漏洞批量检测脚本(CVE-2025-24813)☆79Updated 2 weeks ago
- Zimbra - Remote Command Execution (CVE-2024-45519)☆123Updated last week
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆193Updated 5 months ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Updated last year
- CVE-2023-2255 Libre Office☆57Updated last year
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆115Updated 4 months ago
- CVE-2024-3400-RCE☆87Updated 11 months ago
- POC & $BASH script for CVE-2024-4577☆44Updated 10 months ago
- GameOver(lay) Ubuntu Privilege Escalation☆124Updated last year
- CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support☆57Updated 9 months ago
- GeoServer Remote Code Execution☆78Updated last week