
CVE-2025-60595 PoC — SPH Engineering UgCS 安全漏洞

Source
Associated Vulnerability
Title: SPH Engineering UgCS security vulnerability (CVE-2025-60595)
Description: SPH Engineering UgCS is drone mission-planning and flight-control software from the Latvian company SPH Engineering. SPH Engineering UgCS version 5.13.0 contains a security vulnerability that may lead to arbitrary code execution.
Description
SPH Engineering UgCS 5.13.0 is vulnerable to arbitrary code execution. This is the public reference to be used on the CVE site.
Readme
# CVE-2025-60595
SPH Engineering UgCS 5.13.0 is vulnerable to arbitrary code execution. This is the public reference to be used on the CVE site.

Arbitrary code execution in the product owned by SPH Engineering: UgCS 5.13.0.

In Ardupilot/mavparse.py, lines 230 to 243 on the SPH Engineering GitHub, the parser reads XML attributes and sets value = eval(attrs['value']). If an attacker can craft an XML file with a malicious value attribute, for example __import__('os').system('touch /tmp/pwned'), eval will execute it.
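The fix for the pattern above is to stop evaluating the attribute as code and parse it as a literal instead. The following is an added example written for this page, not UgCS or mavparse code; the XML layout and the element and attribute names are constructed, since the real parser's schema is not reproduced here.

```python
# Added example (not UgCS/mavparse code): literal-only parsing in place of
# value = eval(attrs['value']). The XML layout below is constructed.
import ast
import xml.etree.ElementTree as ET


def safe_value(raw: str):
    """Accept only Python literals; ast.literal_eval never runs calls or imports."""
    try:
        return ast.literal_eval(raw.strip())
    except (ValueError, SyntaxError) as exc:
        raise ValueError(f"rejected non-literal value attribute: {raw!r}") from exc


def load_values(xml_text: str) -> dict:
    """Map each element's name attribute to its parsed 'value' attribute."""
    root = ET.fromstring(xml_text)
    result = {}
    for elem in root.iter():
        if "value" in elem.attrib:
            result[elem.get("name", elem.tag)] = safe_value(elem.attrib["value"])
    return result


# Constructed sample: benign literal attributes load normally.
BENIGN_XML = """<params>
  <param name="rate" value="2.5"/>
  <param name="gains" value="[1, 2, 3]"/>
  <param name="label" value="'hover'"/>
</params>"""

# Constructed sample: an expression in the value attribute must be refused.
UNSAFE_XML = """<params>
  <param name="rate" value="some_function()"/>
</params>"""


def demo() -> bool:
    """True when benign values load and the expression value is rejected."""
    loaded = load_values(BENIGN_XML)
    try:
        load_values(UNSAFE_XML)
        return False
    except ValueError:
        return loaded == {"rate": 2.5, "gains": [1, 2, 3], "label": "hover"}


if __name__ == "__main__":
    print("hardened parser behaves as expected:", demo())
```

Because ast.literal_eval only builds constants, containers and strings, a file that tries to smuggle a call or an import into the attribute fails to load rather than running.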

Impact: Code execution
Attack type: Local 

Discovered and reported by clicksafe
Clicksafe.pro
File Snapshot

[4.0K] /data/pocs/5df2cd29d1454a9ee4f6a195d915ff1f799b3836
└── [ 638] README.md

1 directory, 1 file