
Remote code execution in Apache Tomcat 7.0 - holograham
https://nvd.nist.gov/vuln/detail/CVE-2017-12615
======
mdewinter
Windows only, maybe the title can be changed.

~~~
bluetwo
I stopped reading when I got to 'Windows' as well.

------
ryanlol
It's 2017 and scanning /0 for PUT still reliably gets a bunch of shells...

~~~
kevindqc
Why does that return a shell?

~~~
dogma1138
Web shell via PUT, still quite common.

Just as common as dorking for common webshells with no or default passwords.

If you need a VPS fast, googling for c99 is faster than spinning up something
on AWS ;)

~~~
exikyut
Would like to learn more about this.

Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I
guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017
-2016" on shodan, then "/shell?whoami" returns "root". :)

------
bastijn
> "National Vulnerability Database The NVD is currently offline for scheduled
> maintenance.

> Please check back again shortly. We apologize for the inconvenience.

> Please direct any questions to nvd@nist.gov. Thank you."

Perfect timing for the HN front page. Alt link:
[https://tomcat.apache.org/security-7.html](https://tomcat.apache.org/security-7.html)

~~~
thephyber
Interestingly, I think NVD.nist.gov just changed their HTML-generating
template since this HN URL was posted.

~~~
jlgaddis
They did. The page looks much different now than it did earlier.

------
nwrk
CC: Equifax

