A multi-threaded vulnerability scanner to detect Apache Tomcat servers vulnerable to CVE-2025-24813 (arbitrary file upload leading to RCE).
This scanner checks for Apache Tomcat servers vulnerable to CVE-2025-24813 by:
- Attempting to upload a serialized Java object via HTTP PUT
- Verifying if the uploaded file can be executed via jsessionid parameter
Features:
- Multi-threaded scanning (adjustable thread count)
- CSV input/output support
- Color-coded terminal output
- Detailed vulnerability verification
- Graceful interruption handling
git clone https://github.com/mattb709/CVE-2025-24813-Scanner.git
cd CVE-2025-24813-Scanner
pip install -r requirements.txt
python CVE-2025-24813-Scanner.py -f targets.csv
python CVE-2025-24813-Scanner.py -f targets.csv -o vulnerable_hosts.csv -t 10
- -f targets.csv: input CSV with host,ip,port columns
- -o vulnerable_hosts.csv: save vulnerable targets to this file
- -t 10: use 10 threads
- Quick scan with default settings:
python CVE-2025-24813-Scanner.py -f network_hosts.csv
- Comprehensive scan with output:
python CVE-2025-24813-Scanner.py -f production.csv -o results.csv -t 15
[*] Apache Tomcat CVE-2025-24813 Scanner
[*] Scanning https://example.com:8443...
[+] https://example.com:8443 is vulnerable to CVE-2025-24813!
[*] Scanning http://testserver:8080...
[-] http://testserver:8080 is not vulnerable (PUT failed: 401).
[*] Scanning http://192.168.1.15:8080...
[!] http://192.168.1.15:8080 allows PUT but no RCE (GET: 404).
[*] Scan Complete
[+] Vulnerable: 1
[-] Not Vulnerable: 2
[+] Vulnerable IPs:
https://example.com:8443
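For triage after a run, the console output above has to be turned back into something a remediation queue can consume. The following is an added helper, not part of the scanner's own code: it builds the scanner's base URLs from the host,ip,port input format and parses the `[+]`, `[-]` and `[!]` result lines into a summary that reproduces the tool's tally (a host that accepts PUT but yields no RCE is counted as not vulnerable, as in the output above, but is kept in a separate `put_only` bucket because an unauthenticated PUT is itself worth fixing). The sample CSV and output text are constructed from the README; the choice of `https` for ports 443 and 8443 is an assumption, since the README does not document how the tool picks a scheme.

```python
import csv
import io
import re
from collections import Counter

# Constructed sample: the console output shown in the README.
SAMPLE_OUTPUT = """\
[*] Apache Tomcat CVE-2025-24813 Scanner
[*] Scanning https://example.com:8443...
[+] https://example.com:8443 is vulnerable to CVE-2025-24813!
[*] Scanning http://testserver:8080...
[-] http://testserver:8080 is not vulnerable (PUT failed: 401).
[*] Scanning http://192.168.1.15:8080...
[!] http://192.168.1.15:8080 allows PUT but no RCE (GET: 404).
[*] Scan Complete
"""

# Constructed sample of the input CSV format (host,ip,port columns).
SAMPLE_TARGETS_CSV = """\
host,ip,port
example.com,203.0.113.10,8443
testserver,192.168.1.20,8080
,192.168.1.15,8080
"""

# Result lines look like "[+] <url> <detail>"; "[*]" progress lines are skipped.
RESULT_RE = re.compile(r"^\[([+\-!])\]\s+(\S+)\s+(.*)$")
STATUS_BY_TAG = {"+": "vulnerable", "-": "not_vulnerable", "!": "put_only"}

# Assumption: these ports are served over TLS; the README does not state
# how the scanner itself chooses between http and https.
TLS_PORTS = {"443", "8443"}


def build_target_urls(csv_text):
    """Turn host,ip,port rows into base URLs, preferring the hostname over the IP."""
    urls = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        port = row["port"].strip()
        name = row["host"].strip() or row["ip"].strip()
        scheme = "https" if port in TLS_PORTS else "http"
        urls.append(f"{scheme}://{name}:{port}")
    return urls


def parse_scan_output(text):
    """Extract one record per result line: url, status and the tool's detail text."""
    results = []
    for line in text.splitlines():
        m = RESULT_RE.match(line)
        if not m:
            continue
        tag, url, detail = m.groups()
        results.append({"url": url, "status": STATUS_BY_TAG[tag], "detail": detail})
    return results


def summarize(results):
    """Reproduce the scanner's tally; put_only hosts count as not vulnerable there."""
    counts = Counter(r["status"] for r in results)
    return {
        "vulnerable": counts["vulnerable"],
        "not_vulnerable": counts["not_vulnerable"] + counts["put_only"],
        "put_only": counts["put_only"],
        "vulnerable_urls": [r["url"] for r in results if r["status"] == "vulnerable"],
    }


def vulnerable_csv(results):
    """Render the vulnerable hosts as CSV text, mirroring the -o output."""
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(["url", "detail"])
    for r in results:
        if r["status"] == "vulnerable":
            writer.writerow([r["url"], r["detail"]])
    return buf.getvalue()


if __name__ == "__main__":
    print(build_target_urls(SAMPLE_TARGETS_CSV))
    parsed = parse_scan_output(SAMPLE_OUTPUT)
    print(summarize(parsed))
    print(vulnerable_csv(parsed))
```

The `put_only` bucket is the one to watch when reading results in bulk: the scanner reports those hosts as not vulnerable because the second stage failed, but the first stage already showed the server accepting an unauthenticated PUT, which should be disabled regardless of whether the deserialization path is reachable.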
- Python 3.6+
- Packages:
requests>=2.25.1
pandas>=1.2.0
colorama>=0.4.4
MIT License - See LICENSE for details.
This tool is for authorized security testing and educational purposes only. Never scan systems without explicit permission. The author accepts no liability for misuse of this software.