Exploit for CVE-2025-55182_FBA4A3EC-9621-550F-8A1C-267D8474C8E4

10 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

研究CVE-2025-55182全版本利用漏洞 open -a Calculator 是 macOS 下典型的本地图形化（GUI）验证命令，但在针对远程服务器（通常是无界面的 Linux 或 Windows Server）进行 RCE（远程代码执行）验证时，这条命令是无效且不可见的。在安全 PoC 验证中，最常用、最简单的替换命令取决于你能否看到命令的回显： 1. 如果能看到回显 Echo/Output based 这是最简单的情况，你需要一个命令来证明代码已执行，并且能告诉你当前的权限。...

Visit Original Source

Basic Information

ID FBA4A3EC-9621-550F-8A1C-267D8474C8E4

Published Dec 5, 2025 at 13:50

Modified Dec 5, 2025 at 13:57

{
    "lastseen": "2025-12-05T14:04:55",
    "description": "\u7814\u7a76CVE-2025-55182\u5168\u7248\u672c\u5229\u7528\u6f0f\u6d1e open -a Calculator \u662f macOS \u4e0b\u5178\u578b\u7684\u672c\u5730\u56fe\u5f62\u5316\uff08GUI\uff09\u9a8c\u8bc1\u547d\u4ee4\uff0c\u4f46\u5728\u9488\u5bf9\u8fdc\u7a0b\u670d\u52a1\u5668\uff08\u901a\u5e38\u662f\u65e0\u754c\u9762\u7684 Linux \u6216 Windows Server\uff09\u8fdb\u884c RCE\uff08\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\uff09\u9a8c\u8bc1\u65f6\uff0c\u8fd9\u6761\u547d\u4ee4\u662f\u65e0\u6548\u4e14\u4e0d\u53ef\u89c1\u7684\u3002 \u5728\u5b89\u5168 PoC \u9a8c\u8bc1\u4e2d\uff0c\u6700\u5e38\u7528\u3001\u6700\u7b80\u5355\u7684\u66ff\u6362\u547d\u4ee4\u53d6\u51b3\u4e8e\u4f60\u80fd\u5426\u770b\u5230\u547d\u4ee4\u7684\u56de\u663e\uff1a 1. \u5982\u679c\u80fd\u770b\u5230\u56de\u663e Echo/Output based \u8fd9\u662f\u6700\u7b80\u5355\u7684\u60c5\u51b5\uff0c\u4f60\u9700\u8981\u4e00\u4e2a\u547d\u4ee4\u6765\u8bc1\u660e\u4ee3\u7801\u5df2\u6267\u884c\uff0c\u5e76\u4e14\u80fd\u544a\u8bc9\u4f60\u5f53\u524d\u7684\u6743\u9650\u3002...",
    "published": "2025-12-05T13:50:37",
    "modified": "2025-12-05T13:57:27",
    "type": "githubexploit",
    "title": "Exploit for CVE-2025-55182",
    "source": "",
    "references": "",
    "id": "FBA4A3EC-9621-550F-8A1C-267D8474C8E4",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2025-55182"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/XiaomingX/CVE-2025-55182-poc",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply