POC详情: e3a75daa820b393d7d494eb36f0f5c73d86c33a4

来源
https://github.com/SystemVll/CVE-2025-48827
关联漏洞
标题: Internet Brands vBulletin 安全漏洞 (CVE-2025-48827)
描述:Internet Brands vBulletin是Internet Brands公司的一个论坛插件。 Internet Brands vBulletin 5.0.0至5.7.5版本和6.0.0至6.0.3版本存在安全漏洞,该漏洞源于未经身份验证的用户可能调用受保护的API控制器方法。
描述
This repository contains a proof-of-concept exploit for CVE-2025-48827, a critical authentication bypass vulnerability affecting vBulletin 5.0.0–5.7.5 and 6.0.0–6.0.3 when running on PHP 8.1 or later. The vulnerability allows unauthenticated attackers to invoke protected API methods remotely.
介绍
# CVE-2025-48827 - vBulletin Authentication Bypass Exploit

## Overview
This repository contains a proof-of-concept exploit for CVE-2025-48827, a critical authentication bypass vulnerability affecting vBulletin 5.0.0–5.7.5 and 6.0.0–6.0.3 when running on PHP 8.1 or later. The vulnerability allows unauthenticated attackers to invoke protected API methods remotely, potentially leading to remote code execution and full system compromise.

- **Author:** pszyszkowski
- **Severity:** Critical
- **CVE:** [CVE-2025-48827](https://nvd.nist.gov/vuln/detail/CVE-2025-48827)
- **References:**
  - https://karmainsecurity.com/dont-call-that-protected-method-vbulletin-rce

## Impact
Successful exploitation allows unauthenticated remote attackers to execute arbitrary system commands as the web server user, resulting in full system compromise.

## Requirements
- Python 3.7+
- `requests` library
- `colored` library
- `pyfiglet` library

Install dependencies:
```bash
pip install requests colored pyfiglet
```

## Usage
Prepare a text file (e.g., `targets.txt`) with one target URL per line:
```
http://example.com
https://forum.example.org
```

Run the exploit:
```bash
python main.py targets.txt
```

Optional: Set a custom timeout (default is 10 seconds):
```bash
python main.py targets.txt --timeout 20
```

## How It Works
- Checks if the target is running vBulletin by looking for common indicators.
- Sends a crafted unauthenticated request to `/ajax/api/ad/wrapAdTemplate`.
- Confirms exploitation by checking for specific patterns in the JSON response.
- Reports vulnerable targets and provides remediation advice.

## Remediation
- Upgrade to vBulletin 6.0.4+ before upgrading to PHP 8.1.
- Apply the latest security patches.

## Disclaimer
This tool is for educational and authorized security testing purposes only. Do not use against systems without explicit permission.
文件快照

 [4.0K]  /data/pocs/e3a75daa820b393d7d494eb36f0f5c73d86c33a4
├── [ 11K]  main.py
├── [ 230]  pyproject.toml
├── [1.8K]  README.md
└── [9.5K]  uv.lock

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。