.. / CVE-2017-12615

Exploit for Apache Tomcat Servers - Remote Code Execution (CVE-2017-12615)

Description:

Apache Tomcat servers 7.0.{0 to 79} are susceptible to remote code execution. By design, you are not allowed to upload JSP files via the PUT method. This is likely a security measure to prevent an attacker from uploading a JSP shell and gaining remote code execution on the server. However, due to the insufficient checks, an attacker could gain remote code execution on Apache Tomcat servers that have enabled PUT method by using a specially crafted HTTP request.

Nuclei Template

View the template here CVE-2017-12615.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2017/CVE-2017-12615.yaml

References:

http://web.archive.org/web/20211206035549/https://securitytracker.com/id/1039392
https://github.com/vulhub/vulhub/tree/master/tomcat/CVE-2017-12615
https://nvd.nist.gov/vuln/detail/CVE-2017-12615
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html

.. / CVE-2017-12615 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Apache Tomcat Servers - Remote Code Execution (CVE-2017-12615)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2017-12615