Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes it a snap to compromise webservers.
A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept (PoC) exploit making an appearance on GitHub. The now-patched bug affects Tomcat versions 7.0, 8.5 and 9.0.
According to Flashpoint analysts Cheng Lu and Steven Ouellette, an exploit for the “Ghostcat” security bug (tracked as CVE-2020-1938 and first publicly disclosed Feb. 20) reliably allows information disclosure via file retrieval on a vulnerable server – without authentication or a user being tricked into a compromising interaction. And, in some situations, it could allow remote code execution, they said.
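Ghostcat is a weakness in Tomcat's AJP connector (the component the fixed releases hardened), so a defender's first question is whether any server.xml still exposes that connector without a shared secret. The following audit script is an added example, not code from the article, Flashpoint or the Apache Tomcat project: it parses a server.xml, skips non-AJP connectors, and flags any AJP connector that is reachable beyond localhost or lacks a secret. The two embedded server.xml fragments are constructed samples; the attribute names `address`, `secret`, `secretRequired` and `requiredSecret` are taken from the Tomcat connector documentation as I recall it, and treating a missing `address` as "all interfaces" mirrors the pre-fix default.

```python
import xml.etree.ElementTree as ET

# Constructed sample: an AJP connector on all interfaces with no shared secret,
# i.e. the shape of the pre-fix default configuration. Not from any real host.
VULNERABLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
</Service></Server>"""

# Constructed sample: the same connector bound to loopback and requiring a
# secret. The secret value is a placeholder, not a real credential.
HARDENED_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
  <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
             secretRequired="true" secret="REPLACE_WITH_RANDOM_SECRET"/>
</Service></Server>"""

LOOPBACK_ADDRESSES = {"127.0.0.1", "::1", "localhost"}


def audit_ajp_connectors(server_xml: str) -> list:
    """Return a list of human-readable findings for exposed AJP connectors.

    An empty list means every AJP connector in the file is bound to loopback
    and configured with a shared secret.
    """
    findings = []
    root = ET.fromstring(server_xml)
    # iter() walks every descendant, so Connectors nested under Service are found.
    for conn in root.iter("Connector"):
        protocol = conn.get("protocol", "")
        if not protocol.upper().startswith("AJP"):
            continue  # HTTP/HTTPS connectors are out of scope for this check
        port = conn.get("port", "?")
        # Assumption: a missing address means the connector listens on all
        # interfaces, which was the default before the fixed releases.
        address = conn.get("address", "0.0.0.0")
        # 'secret' is the 8.5/9.0 attribute name, 'requiredSecret' the 7.0 one.
        has_secret = bool(conn.get("secret") or conn.get("requiredSecret"))
        if address not in LOOPBACK_ADDRESSES:
            findings.append(
                f"AJP connector on port {port} binds to {address} "
                f"(reachable beyond localhost)"
            )
        if not has_secret:
            findings.append(
                f"AJP connector on port {port} has no shared secret configured"
            )
    return findings


if __name__ == "__main__":
    for label, xml in (("vulnerable", VULNERABLE_SERVER_XML),
                       ("hardened", HARDENED_SERVER_XML)):
        print(f"{label}: {audit_ajp_connectors(xml) or ['no findings']}")
```

Run it against a real server.xml by reading the file into a string and passing it to `audit_ajp_connectors`; the script reports configuration shape only and does not touch the network. Upgrading to a release that contains the fix remains the primary remediation, since a secret and loopback binding reduce exposure but do not change the connector code.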