Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020-9484)

Technical Nov 11, 2020 4 min read

Originally published on Medium.

A walkthrough of the conditions required to exploit CVE-2020-9484 — the Apache Tomcat deserialization-of-untrusted-data RCE — and what hardening prevents it. Read the full piece on Medium.

Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020-9484)

How I Automate Authenticated API Security Testing

Tunnel Traffic Through Jump Host