CVE-2025-60791 PoC — Sourceforge Easywork Enterprise 安全漏洞

Source

https://github.com/Smarttfoxx/CVE-2025-60791

Associated Vulnerability

Title:Sourceforge Easywork Enterprise 安全漏洞 (CVE-2025-60791)
Description:Sourceforge Easywork Enterprise是Sourceforge开源的一个企业管理系统。 Sourceforge Easywork Enterprise 2.1.3.354版本存在安全漏洞，该漏洞源于明文存储敏感信息在内存中，可能导致未经授权激活软件。

Description

Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt.

Readme

# CVE-2025-60791
CVE-2025-60791: Cleartext Storage of Sensitive Information in Memory.

Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt. The keys can be obtained by attaching a debugger or analyzing the process/memory dump and then they can be used to activate the software on the same machine without purchasing.

<img width="1626" height="649" alt="image" src="https://github.com/user-attachments/assets/2d02779e-6810-46ec-9e8e-fb09d155055a" />

<img width="950" height="598" alt="image" src="https://github.com/user-attachments/assets/6aaeb592-8c21-4197-afa4-8f860a91fd9e" />

File Snapshot


 [4.0K]  /data/pocs/185131451e9fb7bacc3da98bfc8174a57318ec33
└── [ 741]  README.md

1 directory, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!