CVE-2025-27591 PoC — below 安全漏洞

Source

https://github.com/umutcamliyurt/CVE-2025-27591

Associated Vulnerability

Title:below 安全漏洞 (CVE-2025-27591)
Description:below是Meta Incubator开源的一个现代 Linux 系统的资源监视器。 below v0.9.0之前版本存在安全漏洞，该漏洞源于创建了全局可写目录，可能导致通过符号链接攻击提升到root权限。

Description

Below <v0.9.0 PoC Privilege Escalation Exploit

Readme

# CVE-2025-27591

## Below <v0.9.0 PoC Privilege Escalation Exploit

## Disclaimer

This exploit is intended for **educational purposes only**. It is designed to help users understand security vulnerabilities and improve their knowledge of cybersecurity. The author does not condone any illegal activities or unauthorized access to systems. Use this information responsibly and only in environments where you have explicit permission to test.

## Description:

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.

File Snapshot


 [4.0K]  /data/pocs/1806cc14be4874bc4067ee54946146d1363d5349
├── [1.2K]  exploit.sh
└── [ 758]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!