Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938)

Java is currently the most mainstream programming language for web development, and Tomcat is one of the most popular Java middleware servers. It has a history of 20 years since its first release and is widely used around the world.

Ghostcat is a security vulnerability in Tomcat discovered by security researchers at Chaitin Tech. Because of a flaw in the design of the Tomcat AJP protocol, an attacker can use the Tomcat AJP Connector to read or include any file in all of Tomcat's webapp directories, for example webapp configuration files or source code. In addition, if the target application has a file upload function, combining it with file inclusion can lead to remote code execution.

Reference links:

https://www.chaitin.cn/zh/ghostcat
https://www.cnvd.org.cn/webinfo/show/5415
https://mp.weixin.qq.com/s/D1hiKJpah3NhEBLwtTodsg
https://mp.weixin.qq.com/s/GzqLkwlIQi_i3AVIXn59FQ

Affected versions

Apache Tomcat 6
Apache Tomcat 7 < 7.0.100
Apache Tomcat 8 < 8.5.51
Apache Tomcat 9 < 9.0.31
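
To check an installation against the list above, the following added example (not part of the original post) compares a Tomcat version string with the affected ranges and lists the AJP connectors enabled in a server.xml. The function names and the sample server.xml are constructed for illustration; `address`, `secret` and `requiredSecret` are standard attributes of the Tomcat AJP connector.

```python
import re
import xml.etree.ElementTree as ET

# First unaffected release per branch, from the "Affected versions" list above.
# Tomcat 6 has no upper bound in that list, so every 6.x release counts as affected.
FIXED = {7: (7, 0, 100), 8: (8, 5, 51), 9: (9, 0, 31)}

# Constructed sample: one HTTP connector, one enabled AJP connector, one commented out.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    <!-- <Connector port="8010" protocol="AJP/1.3" /> -->
  </Service>
</Server>"""

def is_affected(version):
    """True if the version is in a listed affected range; unlisted branches return False."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    v = tuple(int(x) for x in m.groups())
    if v[0] == 6:
        return True
    fixed = FIXED.get(v[0])
    return fixed is not None and v < fixed

def ajp_connectors(server_xml):
    """List enabled AJP connectors; XML comments are skipped by the parser."""
    found = []
    for c in ET.fromstring(server_xml).iter("Connector"):
        proto = c.get("protocol", "HTTP/1.1")
        if "ajp" in proto.lower():  # "AJP/1.3" or an org.apache.coyote.ajp.* class name
            found.append({
                "port": c.get("port"),
                "address": c.get("address"),  # None means no bind address was configured
                "has_secret": bool(c.get("secret") or c.get("requiredSecret")),
            })
    return found

def assess(version, server_xml):
    """Flag an installation that is both an affected version and has AJP enabled."""
    affected = is_affected(version)
    conns = ajp_connectors(server_xml)
    return {"affected_version": affected, "ajp_connectors": conns,
            "exposed": affected and bool(conns)}
```
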

Exploit

 

Origin www.cnblogs.com/yyxianren/p/12455024.html