📄 FuguHub 8.1 RSA Private Key Disclosure_PACKETSTORM:213314

6.1 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

A web-accessible documentation file in FuguHub version 8.1 was found to contain an embedded RSA private key paired with an X.509 certificate. The affected file resides within an examples directory and is intended solely for demonstration purposes...

Visit Original Source

Basic Information

ID PACKETSTORM:213314

Published Dec 26, 2025 at 00:00

Affected Product

Affected Versions =============================================================================================================================================
| # Title : FuguHub 8.1 Public Disclosure RSA Private Key in Web-Accessible Documentation |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.2 (64 bits) |
| # Vendor : http://fuguhub.com |
=============================================================================================================================================

[+] References : https://packetstorm.news/files/id/213256/ & CVE-2025-65790

[+] Summary : A web-accessible documentation file was found to contain an embedded RSA private key paired with an X.509 certificate.
The affected file resides within an examples directory and is intended solely for demonstration purposes.

[+] POC :

Path : /ba/doc/en/examples/servercon.txt

demo : http://127.0.0.1/fuguhub/ba/doc/en/examples/servercon.txt

Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================

{
    "lastseen": "2025-12-26T17:18:25",
    "description": "A web-accessible documentation file in FuguHub version 8.1 was found to contain an embedded RSA private key paired with an X.509 certificate. The affected file resides within an examples directory and is intended solely for demonstration purposes...",
    "published": "2025-12-26T00:00:00",
    "modified": "2025-12-26T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 FuguHub 8.1 RSA Private Key Disclosure",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:213314",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2025-65790"
    ],
    "sourceData": "=============================================================================================================================================\n    | # Title     : FuguHub 8.1 Public Disclosure RSA Private Key in Web-Accessible Documentation                                               |\n    | # Author    : indoushka                                                                                                                   |\n    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.2 (64 bits)                                                            |\n    | # Vendor    : http://fuguhub.com                                                                                                          |\n    =============================================================================================================================================\n    \n    [+] References : https://packetstorm.news/files/id/213256/ & \tCVE-2025-65790\n    \n    [+] Summary    : A web-accessible documentation file was found to contain an embedded RSA private key paired with an X.509 certificate. \n                    The affected file resides within an examples directory and is intended solely for demonstration purposes. \n    \t\t\t\t\n    [+] POC :\n    \n    Path : /ba/doc/en/examples/servercon.txt\n    \n    demo : http://127.0.0.1/fuguhub/ba/doc/en/examples/servercon.txt\n    \n    Greetings to :=====================================================================================\n    jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\n    ===================================================================================================",
    "sourceHref": "https://packetstorm.news/download/213314",
    "cvss": {
        "score": 6.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/213314/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

💭 Join the Security Discussion ❌ Cancel Reply