
CVE-2025-10352 PoC — Melis Platform Security Vulnerability

Source
Associated Vulnerability
Title: Melis Platform Security Vulnerability (CVE-2025-10352)
Description: Melis Platform is an open-source, cross-framework digital platform published by Melis Platform. Melis Platform contains a security vulnerability that originates in the melis-core module: an unauthenticated attacker can create an administrator account by requesting /melis/MelisCore/ToolUser/addNewUser, which may lead to privilege escalation.
Description
Exploit for CVE-2025-10352: admin account creation on the Melis Platform framework.
Readme
# CVE-2025-10352 POC - Admin Account Creation 🛠️
> POC for CVE-2025-10352: An unauthenticated endpoint in Melis Platform (melis-core) that allows creation of an administrator account via a crafted HTTP request to a specific admin endpoint.

![status](https://img.shields.io/badge/status-proof%20of%20concept-orange)
![request](https://img.shields.io/badge/request-raw%20HTTP-blue)

---

## 🔗 References

- 📄 [CVE-2025-10352 on MITRE](https://www.cve.org/CVERecord?id=CVE-2025-10352)
- 📄 [Melis Platform Warning on INCIBE (Spanish National Cybersecurity Institute)](https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-melis-platform)
- 📄 PoC: `CVE-2025-10352-POC.txt` (raw HTTP request exported from Burp)

---

## 🚀 Description

This PoC targets an **unauthenticated administrative endpoint** in the `melis-core` module:

```
/melis/MelisCore/ToolUser/addNewUser
```

A remote unauthenticated attacker can submit a crafted request to this endpoint to create a new user with administrator privileges. Because the endpoint lacks proper authentication and authorization checks, the attacker gains persistent administrative access to the application.

**Impact includes:**
- Creation of persistent admin accounts.
- Full administrative takeover of the web application.
- Potential lateral movement, data exfiltration, and destructive actions.
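A defender-side check for the endpoint named above, added here as an example (it is not part of the PoC repository): it scans web-server access-log lines for requests to `/melis/MelisCore/ToolUser/addNewUser` and flags any that returned a 2xx/3xx status (the success indicators the Usage section lists) from an address that is not on an allow-list of known admin hosts. The combined log layout, the sample lines and the trusted address `10.0.0.5` are constructed assumptions.

```python
import re
from typing import Iterable, List

# Endpoint named in the advisory and README above.
ADMIN_CREATE_PATH = "/melis/MelisCore/ToolUser/addNewUser"

# Apache/nginx "combined" access-log layout (assumption: the server uses it).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def parse_line(line: str):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def find_admin_creation_requests(lines: Iterable[str], trusted_ips=()) -> List[dict]:
    """Every request to addNewUser, annotated with whether it looks successful
    (2xx/3xx, per the README's success check) and whether it came from a known admin host."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["path"].split("?", 1)[0].rstrip("/") != ADMIN_CREATE_PATH:
            continue
        rec["succeeded"] = rec["status"][0] in "23"
        rec["from_trusted"] = rec["ip"] in trusted_ips
        hits.append(rec)
    return hits

def unexpected_admin_creations(lines: Iterable[str], trusted_ips=()) -> List[dict]:
    """Successful calls from addresses that are not known admin hosts: alert on these."""
    return [h for h in find_admin_creation_requests(lines, trusted_ips)
            if h["succeeded"] and not h["from_trusted"]]

# Constructed sample lines (not real traffic); 10.0.0.5 stands in for a legitimate admin workstation.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2025:13:55:36 +0000] "POST /melis/MelisCore/ToolUser/addNewUser HTTP/1.1" 200 87 "-" "python-requests/2.31"',
    '10.0.0.5 - - [10/Oct/2025:14:02:01 +0000] "POST /melis/MelisCore/ToolUser/addNewUser HTTP/1.1" 200 87 "https://intranet.example/melis/" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Oct/2025:14:10:44 +0000] "GET /melis/MelisCore/ToolUser/addNewUser?x=1 HTTP/1.1" 403 0 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Oct/2025:14:11:02 +0000] "GET /index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for h in unexpected_admin_creations(SAMPLE_LOG, trusted_ips={"10.0.0.5"}):
        print(f"ALERT {h['ts']} {h['ip']} {h['method']} {h['path']} -> {h['status']} ({h['ua']})")
```

Run it over real logs by feeding an open file object instead of `SAMPLE_LOG`; a successful hit from an unexpected address is also a cue to audit the user table for accounts created at that timestamp.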

---

## 🛠️ Requirements

- Burp Suite (recommended) or any HTTP proxy that accepts raw HTTP requests.
- `curl`, `nc`/`netcat`, or `socat` for manual testing if you prefer CLI.
- Access to `CVE-2025-10352-POC.txt` (raw HTTP request exported from Burp).
- Authorization to test the target system (see legal notice).

---

## 🧪 Usage

### Basic check (Burp Repeater)
1. Open Burp → Repeater.
2. Open `CVE-2025-10352-POC.txt`, copy the raw HTTP request.
3. Paste into a new Repeater tab, set the proper host and press **Send**.
4. Check response for success (200/201/302 or JSON/text confirming creation).
5. Attempt login with the created credentials or confirm via the user listing endpoint.

---

## ⚠️ Disclaimer

This document is for authorized security testing and remediation only. Do **not** use the PoC or reproduction steps against systems you do not own or do not have explicit permission to test. The author is not responsible for misuse.

---

Made with ❤️ by Manuel Iván San Martín Castillo
File Snapshot

```
[4.0K] /data/pocs/1fb5cbe6944fb5295c29257a7be5e68c02b947d2
├── [3.3K] CVE-2025-10352-POC.txt
├── [1.0K] LICENSE
└── [2.4K] README.md

1 directory, 3 files
```