One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild - Security Boulevard

A new remote code execution (RCE) vulnerability, CVE-2025-24813, is being actively exploited in the wild. The exploit, which requires only one PUT API request, leverages Tomcat’s default session persistence mechanism and support for partial PUT requests. Traditional WAFs fail to detect this attack due to its multi-step nature and base64 encoding, making real-time API security the only effective defense.
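The two signals named above, as an added defensive example that is not from the original article: a PUT is partial when it carries a `Content-Range` header, and a byte signature that misses a base64-encoded body matches once the body is decoded first. The marker string, sample requests and function names are constructed for illustration.

```python
import base64
import binascii

# Constructed stand-in for a byte pattern a rule looks for; not a real indicator.
SIGNATURES = [b"CONSTRUCTED-MARKER"]

def is_partial_put(method, headers):
    """A PUT is partial when it carries a Content-Range header."""
    names = {k.lower() for k in headers}
    return method.upper() == "PUT" and "content-range" in names

def decode_layers(body, max_depth=3):
    """Yield the body, then each successive strict base64 decoding of it."""
    current = body
    yield current
    for _ in range(max_depth):
        candidate = b"".join(current.split())  # drop whitespace and line wraps
        if len(candidate) < 8 or len(candidate) % 4:
            return
        try:
            current = base64.b64decode(candidate, validate=True)
        except (binascii.Error, ValueError):
            return
        yield current

def inspect_request(method, headers, body, signatures=SIGNATURES):
    """Return findings for one request: raw match, decoded match, alert."""
    layers = list(decode_layers(body))
    raw_hit = any(s in layers[0] for s in signatures)
    decoded_hit = any(s in layer for layer in layers[1:] for s in signatures)
    partial = is_partial_put(method, headers)
    return {
        "partial_put": partial,
        "raw_match": raw_hit,          # what a raw-body signature check sees
        "decoded_match": decoded_hit,  # what it sees after normalising base64
        "alert": partial and (raw_hit or decoded_hit),
    }

# Constructed sample requests (hypothetical header values and bodies).
ENCODED = base64.b64encode(b"prefix CONSTRUCTED-MARKER suffix")
SAMPLES = [
    ("PUT", {"Content-Range": "bytes 0-43/100"}, ENCODED),
    ("PUT", {"Content-Type": "text/plain"}, b"ordinary upload body"),
    ("GET", {}, b""),
]

if __name__ == "__main__":
    for method, headers, body in SAMPLES:
        print(method, inspect_request(method, headers, body))
```

The first sample shows the gap: `raw_match` is false while `decoded_match` is true, so only the normalising check raises the alert.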
