Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)

Summary: Apache Tomcat has a vulnerability in the CGI Servlet which can be exploited to achieve remote code execution (RCE). Only Windows¬† is exploitable while running in a non-default configuration in conjunction with batch files. Description: conf/context.xml as well conf/web.xml enables CGI in tomcat. Common Gateway Interface (CGI) is a standard protocol allows passing of … Continue reading “Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)”