Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes it a snap to compromise webservers. The bug does open the door to remote code execution (RCE), according to Flashpoint analysts Cheng Lu and Steven Ouellette. The now-patched bug affects Tomcat versions 7.0, 8.5 and 9.0.0. Tomcat's AJP port, on 8009, is exposed, allowing outside users to interact with and gain access to the Tomcat server itself.
Source: https://threatpost.com/apache-tomcat-exploit-stealing-files/154055/

