PoC Week 2025-06-02
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
CVE-2025-48828
- Severity: 9.0 CRITICAL
- Impacted Products: vBulletin 6.0.3
- Description: Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "var_dump"("test") syntax, attackers can bypass security checks and execute arbitrary PHP code, as exploited in the wild in May 2025.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-48828
- PoC: https://karmainsecurity.com/pocs/vBulletin-replaceAdTemplate-RCE.php
CVE-2025-5099
- Severity: 9.8 CRITICAL
- Impacted Products: Mobile Dynamix PrinterShare Mobile Print < 12.15.01
- Description: An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-5099
- PoC: https://korelogic.com/Resources/Advisories/KL-001-2025-004.poc.js.txt
CVE-2025-4978
- Severity: 9.3 CRITICAL
- Impacted Products: Netgear DGND3700 1.1.00.15_1.00.15NA
- Description: This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-4978
- PoC: https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/backdoor.md
CVE-2025-46724
- Severity: 9.8 CRITICAL
- Impacted Products: Langroid < 0.53.15
- Description: Langroid is a Python framework to build large language model (LLM)-powered applications. Prior to version 0.53.15, TableChatAgent uses pandas eval(). If fed by untrusted user input, like the case of a public-facing LLM application, it may be vulnerable to code injection. Langroid 0.53.15 sanitizes input to TableChatAgent by default to tackle the most common attack vectors, and added several warnings about the risky behavior in the project documentation.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-46724
- PoC: https://github.com/advisories/GHSA-jqq5-wc57-f8hj
CVE-2025-44890
- Severity: 9.8 CRITICAL
- Impacted Products: FW-WGS-804HPT v1.305b241111
- Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-44890
- PoC: https://lafdrew.github.io/2025/04/20/web-snmp-notifyv3-add-post-host-ip/
CVE-2025-44888
- Severity: 9.8 CRITICAL
- Impacted Products: FW-WGS-804HPT v1.305b241111
- Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-44888
- PoC: https://lafdrew.github.io/2025/04/20/web-stp-globalSetting-post-stp-conf-name/
CVE-2025-44887
- Severity: 9.8 CRITICAL
- Impacted Products: FW-WGS-804HPT v1.305b241111
- Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-44887
- PoC: https://lafdrew.github.io/2025/04/20/web-radiusSrv-post-radIp
CVE-2025-44886
- Severity: 9.8 CRITICAL
- Impacted Products: FW-WGS-804HPT v1.305b241111
- Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-44886
- PoC: https://lafdrew.github.io/2025/04/20/web-acl-mgmt-Rules-Edit-post-ruleEditName
CVE-2025-44884
- Severity: 9.8 CRITICAL
- Impacted Products: FW-WGS-804HPT v1.305b241111
- Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-44884
- PoC: https://lafdrew.github.io/2025/04/20/web-sys-infoContact-post-contact
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections or omissions (e.g. newsletter recs), feel free to get in touch.