{"uuid": "1ff6bb4e-c622-4cf9-b207-aa51dc09429c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1938", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/705", "content": "#exploit                                                                                                                             CVE-2020-1938: \nGhostcat - Apache Tomcat (9.0.0.M1 - 9.0.0.30, 8.5.0 - 8.5.50, 7.0.0 - 7.0.99) Apache JServ Protocol File Read/Inclusion\nhttps://www.chaitin.cn/en/ghostcat#download\n]-> Detection tool:\nhttps://github.com/chaitin/xray/releases\n]-> PoCs:\nhttps://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi\nhttps://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC\nhttps://github.com/0nise/CVE-2020-1938\nhttps://github.com/xindongzhuaizhuai/CVE-2020-1938\nhttps://github.com/laolisafe/CVE-2020-1938\n]-> YARA rule to detect:\nhttps://github.com/Neo23x0/signature-base/blob/master/yara/vul_cve_2020_1938.yar", "creation_timestamp": "2024-10-10T02:21:50.000000Z"}