POC详情: 185131451e9fb7bacc3da98bfc8174a57318ec33

来源
https://github.com/Smarttfoxx/CVE-2025-60791
关联漏洞
标题: Sourceforge Easywork Enterprise 安全漏洞 (CVE-2025-60791)
描述:Sourceforge Easywork Enterprise是Sourceforge开源的一个企业管理系统。 Sourceforge Easywork Enterprise 2.1.3.354版本存在安全漏洞,该漏洞源于明文存储敏感信息在内存中,可能导致未经授权激活软件。
描述
Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt.
介绍
# CVE-2025-60791
CVE-2025-60791: Cleartext Storage of Sensitive Information in Memory.

Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt. The keys can be obtained by attaching a debugger or analyzing the process/memory dump and then they can be used to activate the software on the same machine without purchasing.

<img width="1626" height="649" alt="image" src="https://github.com/user-attachments/assets/2d02779e-6810-46ec-9e8e-fb09d155055a" />

<img width="949" height="596" alt="image" src="https://github.com/user-attachments/assets/576c1de8-983d-4a8d-822f-1d9d1ee056ef" />
文件快照

 [4.0K]  /data/pocs/185131451e9fb7bacc3da98bfc8174a57318ec33
└── [ 740]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。