CVE-2026-25512 PoC — Group Office 操作系统命令注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2026/CVE-2026-25512.yaml

Associated Vulnerability

Title:Group Office 操作系统命令注入漏洞 (CVE-2026-25512)
Description:Group Office是荷兰Group Office公司的一款模块化的办公套件。 Group Office 6.8.150之前版本、25.0.82之前版本和26.0.5之前版本存在操作系统命令注入漏洞，该漏洞源于email/message/tnefAttachmentFromTempFile端点对用户控制的参数拼接不当，可能导致远程命令执行。

Description

Group-Office before versions 6.8.150, 25.0.82, and 26.0.5 is vulnerable to remote code execution via OS command injection. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmp_file into an exec() call. By injecting shell metacharacters into tmp_file, an authenticated attacker can execute arbitrary system commands on the server.

File Snapshot


 id: CVE-2026-25512

info:
  name: Group-Office < 26.0.5 - Remote Code Execution
  author: omarkurt
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!