Hunting and Exploiting the Apache Ghostcat

The Apache Ghostcat vulnerability is a file inclusion vulnerability which came out in the first quarter of this year while the world was gearing up for a lockdown fight up against the coronavirus.

It allows any attacker to read files such as configuration files , test files or any other tomcat directory files . In addition, if a victim website permits any user to upload files, an attacker…