github
/
uuWAF
mirror of https://github.com/Safe3/uuWAF
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

CVE-2025-24813 Rule

main
UUSEC Technology 2025-03-12 21:58:44 +08:00
parent 79cbbb1ad8
commit 393262d525
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/rules/cve-2025-24813.lua Normal file
View File

@ -0,0 +1,13 @@
--[[
Rule name: CVE-2025-24813 Tomcat RCE
Filtering stage: Request phase
Threat level: Critical
Rule description: Filter the Tomcat remote code execution vulnerability (CVE-2025-24813)
--]]
if waf.method == "PUT" and waf.endWith(waf.uri, "/session") and waf.reqHeaders["Content-Range"] then
return true, waf.form["RAW"], true
end
return false