CVE-2024-50379— Apache Tomcat: RCE due to TOCTOU issue in JSP compilation
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-50379
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Apache Tomcat: RCE due to TOCTOU issue in JSP compilation
Source: NVD (National Vulnerability Database)
Vulnerability Description
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Tomcat 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。用于实现对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat存在安全漏洞。攻击者利用该漏洞可以在不区分大小写的文件系统上远程执行代码。以下版本受到影响:11.0.0-M1版本和11.0.1版本、10.1.0-M1版本至10.1.33版本和9.0.0.M1版本至9.0.97版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Apache Software Foundation | Apache Tomcat | 11.0.0-M1 ~ 11.0.1 | - |
II. Public POCs for CVE-2024-50379
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/v3153/CVE-2024-50379-POC | POC Details |
| 2 | None | https://github.com/yiliufeng168/CVE-2024-50379-POC | POC Details |
| 3 | Repositorio para alojar un template de Nuclei para probar el CVE-2024-50379 (en fase de prueba) | https://github.com/JFOZ1010/Nuclei-Template-CVE-2024-50379 | POC Details |
| 4 | Apache Tomcat(CVE-2024-50379)条件竞争致远程代码执行漏洞批量检测脚本 | https://github.com/iSee857/CVE-2024-50379-PoC | POC Details |
| 5 | CVE-2024-50379 is a critical vulnerability affecting multiple versions of Apache Tomcat, an open source web server and servlet container widely used for deploying Java-based web applications. The vulnerability arises from a Time-of-Use (TOCTOU) race condition that occurs when compiling JavaServer Pages (JSPs). | https://github.com/Alchemist3dot14/CVE-2024-50379 | POC Details |
| 6 | RCE through a race condition in Apache Tomcat | https://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc | POC Details |
| 7 | tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp | https://github.com/SleepingBag945/CVE-2024-50379 | POC Details |
| 8 | CVE-2024-50379利用 | https://github.com/dear-cell/CVE-2024-50379 | POC Details |
| 9 | CVE-2024-50379-exp | https://github.com/lizhianyuguangming/CVE-2024-50379-exp | POC Details |
| 10 | This repository contains a Python script designed to exploit CVE-2024-50379, a vulnerability that allows attackers to upload a JSP shell to a vulnerable server and execute arbitrary commands remotely. This exploit is particularly useful when the /uploads directory is either unprotected or not present on the target server. | https://github.com/dragonked2/CVE-2024-50379-POC | POC Details |
| 11 | Testing the latset Apache Tomcat CVE-2024-50379 Vuln | https://github.com/bigb0x/CVE-2024-50379 | POC Details |
| 12 | ExploitDB CVE-2024-50379 a vulnerability that enables attackers to upload a JSP shell to a vulnerable server and execute commands remotely. The exploit is especially effective when the /uploads directory is either unprotected or missing on the target server. | https://github.com/pwnosec/CVE-2024-50379 | POC Details |
| 13 | Testing the latset Apache Tomcat CVE-2024-50379 Vuln | https://github.com/dkstar11q/CVE-2024-50379-nuclei | POC Details |
| 14 | tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp | https://github.com/paltrybelly/CVE-2024-50379 | POC Details |
| 15 | tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp | https://github.com/shoddykilom/CVE-2024-50379 | POC Details |
| 16 | tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp | https://github.com/unkemptpanc/CVE-2024-50379 | POC Details |
| 17 | tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp | https://github.com/whimsicalsubw/CVE-2024-50379 | POC Details |
| 18 | tomcat CVE-2024-50379/CVE-2024-56337 条件竞争文件上传exp | https://github.com/carefreegarb/CVE-2024-50379 | POC Details |
| 19 | None | https://github.com/thunww/CVE-2024-50379 | POC Details |
| 20 | CVE-2024-50379-exp | https://github.com/gomtaengi/CVE-2024-50379-exp | POC Details |
| 21 | Cve exploiting | https://github.com/Yuri08loveElaina/CVE-2024-50379-POC | POC Details |
| 22 | None | https://github.com/Yuri08loveElaina/CVE-2024-50379 | POC Details |
| 23 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability | https://github.com/radzek15/CVE-2024-50379-TOCTOU | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-50379
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: Apache Tomcat
- CVE-2026-34500
Apache Tomcat: OCSP checks sometimes soft-fail with FFM even - CVE-2026-34487
Apache Tomcat: Cloud membership for clustering component exp - CVE-2026-34486
Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of Encr - CVE-2026-34483
Apache Tomcat: Incomplete escaping of JSON access logs - CVE-2026-32990
Apache Tomcat: Fix for CVE-2025-66614 is incomplete
Same vendor: Apache Software Foundation
- CVE-2026-39816
Apache NiFi: Missing Execute Code Required Permission on Tin - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro - CVE-2026-25077
Apache CloudStack: Unauthenticated Command Injection in Dire - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2025-66467
Apache CloudStack: MinIO policy remains intact on bucket del
Same weakness: CWE-367
- CVE-2026-42344
FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress al - CVE-2026-44694
n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API clien - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2026-34354
Akamai Guardicore Platform Agent 安全漏洞 - CVE-2026-41002
VMware Spring Cloud Config 安全漏洞
V. Comments for CVE-2024-50379
No comments yet