PoC details: f916929414b18d8fa5cfb65fd37deda2d670c7d9

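Source
Related vulnerability
Title: XORUX LPAR2RRD security vulnerability (CVE-2025-54769)
Description: XORUX LPAR2RRD is a server performance monitoring platform from the Czech company XORUX. XORUX LPAR2RRD contains a security vulnerability that stems from the combination of directory traversal and file upload functionality, which may lead to remote code execution.
Description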
A C‑based proof‑of‑concept exploit for CVE‑2025‑54769, automating the creation and upload of a malicious Perl CGI script to LPAR2RRD’s upgrade endpoint, leveraging directory traversal for remote code execution.
Introduction
# CVE-2025-54769 – LPAR2RRD (RCE)

## Description : 
 

This repository contains a Proof‑of‑Concept (PoC) exploit for CVE-2025-54769, a vulnerability found in lpar2rrd.


The vulnerability allows remote code execution (RCE) and directory traversal by abusing the /lpar2rrd-cgi/upgrade.sh endpoint. The exploit workflow is as follows:


- Script Generation: Automatically creates a malicious Perl CGI payload (users.pl) that executes arbitrary shell commands (default: whoami).

- Payload Upload: Uses libcurl to POST the generated script as an “upgrade package” to the vulnerable endpoint, bypassing basic file validation.

- Directory Traversal: Exploits a path traversal flaw to move the uploaded script into the CGI directory, making it accessible for execution.

- Command Execution & Retrieval: Triggers the CGI script via a crafted GET request (/lpar2rrd-cgi/users.sh?cmd=commandLinux) and captures the command output for the attacker.
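
As a defensive complement to the workflow above, this added example (not part of the PoC repository) scans web-server access logs for the two requests the README names: a POST to /lpar2rrd-cgi/upgrade.sh and a request to /lpar2rrd-cgi/users.sh carrying a cmd parameter. The combined log format, the 10-minute correlation window, the severity labels and the sample log lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines; Apache/nginx "combined" format is an assumption.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Aug/2025:10:01:02 +0000] "POST /lpar2rrd-cgi/upgrade.sh HTTP/1.1" 200 312 "-" "curl/8.5.0"
198.51.100.7 - - [12/Aug/2025:10:01:05 +0000] "GET /lpar2rrd-cgi/users.sh?cmd=whoami HTTP/1.1" 200 9 "-" "curl/8.5.0"
203.0.113.20 - - [12/Aug/2025:10:02:00 +0000] "GET /lpar2rrd-cgi/users.sh HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.20 - - [12/Aug/2025:11:30:00 +0000] "POST /lpar2rrd-cgi/upgrade.sh HTTP/1.1" 200 290 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
UPLOAD_PATH = "/lpar2rrd-cgi/upgrade.sh"   # upload endpoint named in the README
CGI_PATH = "/lpar2rrd-cgi/users.sh"        # trigger path named in the README
WINDOW = timedelta(minutes=10)             # assumed correlation window

def parse(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, target, status = m.groups()
    url = urlsplit(target)
    return {"ip": ip, "time": datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"),
            "method": method, "path": url.path, "status": int(status),
            "query": parse_qs(url.query, keep_blank_values=True)}

def detect(log_text):
    """Flag users.sh requests that carry a cmd parameter; severity is 'high'
    when the same client POSTed to upgrade.sh within WINDOW beforehand."""
    last_upload, alerts = {}, []
    for line in log_text.splitlines():  # assumes chronological order
        ev = parse(line)
        if ev is None:
            continue
        if ev["method"] == "POST" and ev["path"] == UPLOAD_PATH:
            last_upload[ev["ip"]] = ev["time"]
        elif ev["path"] == CGI_PATH and "cmd" in ev["query"]:
            seen = last_upload.get(ev["ip"])
            chained = seen is not None and ev["time"] - seen <= WINDOW
            alerts.append({"ip": ev["ip"], "time": ev["time"].isoformat(),
                           "cmd": ev["query"]["cmd"], "status": ev["status"],
                           "severity": "high" if chained else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

A POST to upgrade.sh on its own is not flagged here; it only raises the severity of a later cmd request from the same client.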


## Usage :

```
gcc exploit.c argparse.c -o exploit -lcurl
./exploit -i <IP> -p <PORT> -t <PROTOCOL>
```
- Verbose Mode :
```
./exploit -i <IP> -p <PORT> -t <PROTOCOL> -v 
``` 

Replace `<IP>` with the target LPAR2RRD instance. The target port should match the service (e.g., 80 for HTTP, 443 for HTTPS), and the protocol should be either http or https.

## References :


- NVD Entry: https://nvd.nist.gov/vuln/detail/CVE-2025-54769  


- CVE : https://www.cve.org/CVERecord?id=CVE-2025-54769

## License :


MIT License
File snapshot

```
[4.0K] /data/pocs/f916929414b18d8fa5cfb65fd37deda2d670c7d9
├── [ 19K] exploit.c
├── [1.0K] LICENSE
└── [1.5K] README.md

0 directories, 3 files
```