Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-88v7-kc2y-bfd7
Vulnerability ID VCID-88v7-kc2y-bfd7
Aliases CVE-2007-5461
GHSA-v5p2-vg3c-pmrr
Summary Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-352 Cross-Site Request Forgery (CSRF)
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual LOW http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
generic_textual LOW http://issues.apache.org/jira/browse/GERONIMO-3549
generic_textual LOW http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
generic_textual LOW http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
generic_textual LOW http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
generic_textual LOW http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
generic_textual LOW http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
generic_textual LOW http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual LOW http://marc.info/?l=full-disclosure&m=119239530508382
generic_textual LOW http://rhn.redhat.com/errata/RHSA-2008-0630.html
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
epss 0.06267 https://api.first.org/data/v1/epss?cve=CVE-2007-5461
apache_tomcat Important https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
generic_textual LOW http://security.gentoo.org/glsa/glsa-200804-10.xml
generic_textual LOW https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
cvssv3.1_qr LOW https://github.com/advisories/GHSA-v5p2-vg3c-pmrr
generic_textual LOW https://github.com/apache/tomcat
generic_textual LOW https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c
generic_textual LOW https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d
generic_textual LOW https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2007-5461
generic_textual LOW http://support.apple.com/kb/HT2163
generic_textual LOW http://support.apple.com/kb/HT3216
generic_textual LOW https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
generic_textual LOW http://tomcat.apache.org/security-4.html
generic_textual LOW http://tomcat.apache.org/security-5.html
generic_textual LOW http://tomcat.apache.org/security-6.html
generic_textual LOW http://www.debian.org/security/2008/dsa-1447
generic_textual LOW http://www.debian.org/security/2008/dsa-1453
generic_textual LOW http://www.redhat.com/support/errata/RHSA-2008-0042.html
generic_textual LOW http://www.redhat.com/support/errata/RHSA-2008-0195.html
generic_textual LOW http://www.redhat.com/support/errata/RHSA-2008-0261.html
generic_textual LOW http://www.redhat.com/support/errata/RHSA-2008-0862.html
Reference id Reference type URL
http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
http://issues.apache.org/jira/browse/GERONIMO-3549
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://marc.info/?l=full-disclosure&m=119239530508382
http://rhn.redhat.com/errata/RHSA-2008-0630.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json
https://api.first.org/data/v1/epss?cve=CVE-2007-5461
http://security.gentoo.org/glsa/glsa-200804-10.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c
https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
http://support.apple.com/kb/HT2163
http://support.apple.com/kb/HT3216
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://www.debian.org/security/2008/dsa-1447
http://www.debian.org/security/2008/dsa-1453
http://www.redhat.com/support/errata/RHSA-2008-0042.html
http://www.redhat.com/support/errata/RHSA-2008-0195.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.redhat.com/support/errata/RHSA-2008-0862.html
333791 https://bugzilla.redhat.com/show_bug.cgi?id=333791
CVE-2007-5461 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
CVE-2007-5461 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl
CVE-2007-5461 https://nvd.nist.gov/vuln/detail/CVE-2007-5461
GHSA-v5p2-vg3c-pmrr https://github.com/advisories/GHSA-v5p2-vg3c-pmrr
GLSA-200804-10 https://security.gentoo.org/glsa/200804-10
OSVDB-38187;CVE-2007-5461 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl
RHSA-2008:0042 https://access.redhat.com/errata/RHSA-2008:0042
RHSA-2008:0151 https://access.redhat.com/errata/RHSA-2008:0151
RHSA-2008:0158 https://access.redhat.com/errata/RHSA-2008:0158
RHSA-2008:0195 https://access.redhat.com/errata/RHSA-2008:0195
RHSA-2008:0213 https://access.redhat.com/errata/RHSA-2008:0213
RHSA-2008:0630 https://access.redhat.com/errata/RHSA-2008:0630
Data source Exploit-DB
Date added Oct. 13, 2007
Description Apache Tomcat - 'WebDAV' Remote File Disclosure
Ransomware campaign use Known
Source publication date Oct. 14, 2007
Exploit type remote
Platform multiple
Source update date Dec. 14, 2016
Exploit Prediction Scoring System (EPSS)
Percentile 0.90873
EPSS Score 0.06267
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:38:17.730773+00:00 Apache Tomcat Importer Import https://tomcat.apache.org/security-6.html 38.0.0