
CVE-2025-48988 PoC — Apache Tomcat: FileUpload large number of parts with headers DoS

Associated Vulnerability
Title: Apache Tomcat: FileUpload large number of parts with headers DoS (CVE-2025-48988)
Description: Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.
Readme
# CVE-2025-48988 & CVE-2025-48976
## About
This project runs a simple file upload endpoint with Tomcat 10.1.41 and a Jakarta Servlet.

By default, the exploit sends 1000 parallel multipart requests, each with 1000 parts and 50 headers per part, from 50 workers.

## Run POC
Build and run the Docker container:

```bash
docker build -t poc-cve-2025-48988 .
docker run -p 8080:8080 poc-cve-2025-48988
```

Launch the exploit:

```bash
python3 exploit-cve-2025-48988.py
```

Monitor container resource usage:

```bash
docker stats
```

You will observe a significant increase in CPU usage:
![Stats](screenshots/docker_stats_tomcat_10.1.41.png)

## Remediation
Change the Docker image in the dockerfile from `tomcat:10.1.41-jdk17` to `tomcat:10.1.42-jdk17`.

With its default configuration, Tomcat will now respond with a 500 status code and CPU usage will remain stable, as per the [fix](https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86#diff-1c3529b11adf91d5683a4d5394264b2f71383677ff4fb07f30f3e70c11b8e585R488-R877) introduced in Tomcat 10.1.42.
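The principle behind the fix, limiting the number of parts and the size of each part's headers before anything is buffered, as an added Python example (not code from this PoC project or from Tomcat); the limit values and the function names are this example's own assumptions:

```python
import re

# Limit values are this example's own assumptions, not Tomcat's defaults.
MAX_PART_COUNT = 10
MAX_PART_HEADER_BYTES = 512

class MultipartLimitExceeded(ValueError):
    """Raised as soon as a body crosses the part-count or header-size limit."""

def check_multipart_limits(body: bytes, content_type: str,
                           max_parts: int = MAX_PART_COUNT,
                           max_header_bytes: int = MAX_PART_HEADER_BYTES) -> int:
    """Count parts in one pass; raise on the first part that breaks a limit."""
    m = re.search(r'boundary="?([^";]+)"?', content_type)
    if not m:
        raise ValueError("Content-Type carries no multipart boundary")
    delimiter = b"\r\n--" + m.group(1).encode()
    buf = b"\r\n" + body                 # lets the very first delimiter match
    parts, pos = 0, buf.find(delimiter)
    while pos != -1:
        pos += len(delimiter)
        if buf.startswith(b"--", pos):   # closing delimiter: body is complete
            break
        parts += 1
        if parts > max_parts:
            raise MultipartLimitExceeded(f"more than {max_parts} parts")
        hdr_start = pos + 2 if buf.startswith(b"\r\n", pos) else pos
        hdr_end = buf.find(b"\r\n\r\n", hdr_start)
        if hdr_end == -1:
            raise ValueError(f"part {parts}: header block never terminated")
        if hdr_end - hdr_start > max_header_bytes:
            raise MultipartLimitExceeded(f"part {parts}: headers > {max_header_bytes} bytes")
        pos = buf.find(delimiter, hdr_end)  # jump over the part body entirely
    return parts

def within_limits(body: bytes, content_type: str, **limits) -> bool:
    try:
        check_multipart_limits(body, content_type, **limits)
        return True
    except MultipartLimitExceeded:
        return False

CT = "multipart/form-data; boundary=ex"  # constructed samples below, not captured traffic
OK_BODY = (b'--ex\r\nContent-Disposition: form-data; name="f"; filename="a.txt"\r\n'
           b"Content-Type: text/plain\r\n\r\nhello\r\n--ex--\r\n")
TOO_MANY = b"".join(b'--ex\r\nContent-Disposition: form-data; name="p%d"\r\n\r\nx\r\n' % i
                    for i in range(12)) + b"--ex--\r\n"
FAT_HEADERS = (b'--ex\r\nContent-Disposition: form-data; name="f"\r\nX-Pad: '
               + b"a" * 600 + b"\r\n\r\nx\r\n--ex--\r\n")
```

The check stops at the first offending part, so the cost of rejecting an oversized body is bounded by the limits rather than by the body's size.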
File Snapshot

```
[4.0K] /data/pocs/50522062b217027f9165912b123511c930a1f30a
├── [ 833] dockerfile
├── [2.0K] exploit-cve-2025-48988.py
├── [1.0K] README.md
├── [4.0K] screenshots
│   └── [ 14K] docker_stats_tomcat_10.1.41.png
├── [4.0K] src
│   └── [1011] UploadServlet.java
└── [4.0K] web
    └── [4.0K] WEB-INF
        └── [ 330] web.xml

4 directories, 6 files
```