![]() ![]() An attacker with the ability to interact with the AJP protocol could exploit these vulnerabilities using specially crafted packets and/or files. These vulnerabilities exist in the AJP protocol which is, by default, exposed over TCP port 8009 and enabled. CVE-2020-1745 is a vulnerability very similar to CVE-2020-1938 but occurs in Apache Undertow. ![]() CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat.
0 Comments
Leave a Reply. |