Tomcat PUT方法任意写文件漏洞(CVE-2017-12615)
Tomcat版本:8.5.19
Apache Tomcat 7.0.0 - 7.0.79
漏洞本质Tomcat配置了可写(readonly=false),导致我们可以往服务器写文件:
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>readonly</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
虽然Tomcat对文件后缀有一定检测(不能直接写jsp&#