Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-54068 PoC — Livewire 代码注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-54068.yaml
Associated Vulnerability
Title:Livewire 代码注入漏洞 (CVE-2025-54068)
Description:Livewire是Livewire开源的一个 Laravel 的全栈框架,允许您在不离开 PHP 的情况下构建动态 UI 组件。 Livewire 3.6.3及之前版本存在代码注入漏洞,该漏洞源于组件属性更新处理不当,可能导致远程命令执行。
Description
Livewire v3 (Laravel) contains a vulnerability in its component hydration/update mechanism that can be exploited to reach remote command execution (RCE) without authentication under certain conditions.
File Snapshot

 id: CVE-2025-54068

info:
  name: Laravel Livewire v3 - Remote Command Execution
  author: flame-11


...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.