Exploit for Deserialization of Untrusted Data in Bentoml

Exploit Details

Basic Information

Exploit Title: Exploit for Deserialization of Untrusted Data in Bentoml
Exploit ID: 6C9F3C1D-C8CF-50ED-A7C3-C4EB41A76B58
Type: githubexploit
Published: 2025-05-03T19:04:22
Modified: 2025-05-03T19:10:41

CVSS Information

CVSS Score: 9.8
Severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE Information

  • CVE-2025-32375

Exploit Description

Setup for the vulnerable version.

Start the vulnerable container:

    docker compose up

Create a listener (e.g. ncat):

    ncat -klnv 1337

Run the exploit:

    python3 exploit.py

You should receive…
