
POC details: 4bb5cac5e1eabe0f67105aca00ef4ffca518a1c0

Source
Related vulnerability
Title: Monsta FTP security vulnerability (CVE-2025-34299)
Description: Monsta FTP is a lightweight file manager from the New Zealand company Monsta. It supports file transfer, file management and document editing. Monsta FTP 2.11 and earlier versions contain a security vulnerability that stems from allowing unauthenticated arbitrary file upload, which can lead to arbitrary code execution.
Description
Detection for CVE-2025-34299
Introduction
# <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Objects/Locked.png" alt="Locked" width="25" height="25" /> CVE-2025-34299

Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.

## <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Objects/Magnifying%20Glass%20Tilted%20Left.png" alt="Search" width="25" height="25" /> How does this detection method work?

This detection template works by sending a GET request to the target URL, checking that the response has a 200 status code and contains `<title>Monsta FTP`, extracting the version from the title tag with a regex, and then comparing it against version 2.11 to identify vulnerable instances (2.11 and earlier).
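The same three-step check (status code, product title, version comparison) expressed as a small Python function that can be run over captured HTTP responses. This is an added illustration, not the template from this repository or code from the Monsta FTP project; the sample responses are constructed, and the exact title format (`Monsta FTP <version>`) is an assumption taken from the description above.

```python
import re
from typing import Optional, Tuple

# Constructed sample responses: (status_code, body). Not captured from real hosts.
SAMPLE_VULNERABLE = (200, "<html><head><title>Monsta FTP 2.10.3</title></head><body></body></html>")
SAMPLE_PATCHED = (200, "<html><head><title>Monsta FTP 2.12</title></head><body></body></html>")
SAMPLE_NO_VERSION = (200, "<html><head><title>Monsta FTP</title></head><body></body></html>")
SAMPLE_UNRELATED = (200, "<html><head><title>Welcome</title></head><body></body></html>")
SAMPLE_ERROR = (500, "<html><head><title>Monsta FTP 2.10</title></head><body></body></html>")

# Last version listed as affected in the advisory text.
LAST_VULNERABLE = "2.11"

# Assumed title layout: "<title>Monsta FTP 2.10.3</title>". The optional "v" is tolerated.
PRODUCT_RE = re.compile(r"<title>\s*Monsta FTP", re.IGNORECASE)
VERSION_RE = re.compile(r"<title>\s*Monsta FTP\s*v?([0-9]+(?:\.[0-9]+)*)", re.IGNORECASE)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.10.3' into (2, 10, 3) so that 2.9 < 2.10 compares numerically, not lexically."""
    return tuple(int(part) for part in text.split("."))


def version_le(a: str, b: str) -> bool:
    """True when version a <= version b, padding with zeros so '2.11.0' equals '2.11'."""
    ta, tb = parse_version(a), parse_version(b)
    width = max(len(ta), len(tb))
    ta += (0,) * (width - len(ta))
    tb += (0,) * (width - len(tb))
    return ta <= tb


def extract_version(status: int, body: str) -> Optional[str]:
    """Return the version string from the title tag, or None if absent or non-200."""
    if status != 200:
        return None
    match = VERSION_RE.search(body)
    return match.group(1) if match else None


def check_response(status: int, body: str) -> dict:
    """Classify one HTTP response the way the detection template does."""
    is_product = status == 200 and PRODUCT_RE.search(body) is not None
    version = extract_version(status, body)
    # A title without a version is still Monsta FTP, but we cannot decide vulnerability from it.
    vulnerable = version is not None and version_le(version, LAST_VULNERABLE)
    return {"monsta_ftp": is_product, "version": version, "vulnerable": vulnerable}


if __name__ == "__main__":
    for name, sample in [("vulnerable", SAMPLE_VULNERABLE), ("patched", SAMPLE_PATCHED),
                         ("no_version", SAMPLE_NO_VERSION), ("unrelated", SAMPLE_UNRELATED),
                         ("error", SAMPLE_ERROR)]:
        print(name, check_response(*sample))
```

Two details worth keeping when adapting this: the version comparison is numeric per component (a string compare would rank "2.9" above "2.11"), and a title without a version number is reported as Monsta FTP but not as vulnerable, since the template's logic cannot decide without a version. Point releases above 2.11 are treated as fixed here, which matches the "2.11 and earlier" wording on this page; adjust `LAST_VULNERABLE` if the vendor advisory you rely on gives a different boundary.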

## <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Travel%20and%20places/Rocket.png" alt="Rocket" width="25" height="25" /> How do I run this script?

1. Download and install [Nuclei](https://github.com/projectdiscovery/nuclei).
2. Clone this repository to your local system.
3. Run the following command: 
```sh
nuclei -u <ip|fqdn> -t template.yaml
```

Or if you would like to scan a list of hosts, execute:
```sh
nuclei -l <list.txt> -t template.yaml
```

## <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Objects/Books.png" alt="Books" width="25" height="25" /> References

- https://nvd.nist.gov/vuln/detail/CVE-2025-34299
- https://labs.watchtowr.com/whats-that-coming-over-the-hill-monsta-ftp-remote-code-execution-cve-2025-34299/
- https://www.shodan.io/search?query=http.title%3A%22Monsta+FTP%22
- https://github.com/projectdiscovery/nuclei


## <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Symbols/Warning.png" alt="Warning" width="25" height="25" /> Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

---

## <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Objects/Page%20with%20Curl.png" alt="License" width="25" height="25" /> License

This project is licensed under the MIT License.

## <img src="https://raw.githubusercontent.com/Tarikul-Islam-Anik/Animated-Fluent-Emojis/master/Emojis/Smilies/Speech%20Balloon.png" alt="Contact" width="25" height="25" /> Contact

If you have any questions about this vulnerability detection script please reach out to me via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw).

If you would like to connect, I am mostly active on [Twitter/X](https://x.com/rxerium) and [LinkedIn](https://www.linkedin.com/in/rxerium/).
File snapshot

```
[4.0K] /data/pocs/4bb5cac5e1eabe0f67105aca00ef4ffca518a1c0
├── [ 854] CVE-2025-34299.yaml
├── [1.0K] LICENSE
└── [2.9K] README.md

1 directory, 3 files
```
Notes
    1. It is recommended to access the POC through the source link first.
    2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
    3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.