AJP – WindowsTechs.com

Is Tomcat vulnerable to "Ghostcat" (CVE-2020-1938) via mod_proxy_ajp?

Posted on March 10, 2020 by ansichart

Is it possible to exploit the “Ghostcat” vulnerability (CNVD-2020-10487/CVE-2020-1938) indirectly over mod_proxy_ajp?

I was able to successfully test the proof-of-concept exploit (https://www.exploit-db.com/exploits/48143) when targetin… Continue reading Is Tomcat vulnerable to "Ghostcat" (CVE-2020-1938) via mod_proxy_ajp?→

Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR

Posted on March 6, 2020 by Animesh Jain

A severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, which is named “Ghostcat” and is tracked using CVE-2020-1938. The security issu… Continue reading Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR→