Apache Tomcat CGIServlet enableCmdLineArguments Remote Code Execution
Posted on 02 July 2019
This Metasploit module exploits a vulnerability in Apache Tomcat's CGIServlet component. When the enableCmdLineArguments setting is set to true, a remote user can abuse this to execute system commands, and gain remote code execution.
