Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-27591 PoC — below 安全漏洞

Source
https://github.com/alialucas7/CVE-2025-27591_PoC
Associated Vulnerability
Title:below 安全漏洞 (CVE-2025-27591)
Description:A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
Readme

## Proof-Of-Concept
### Usage
1. build
```bash
go build -o poc exploit.go 
```
2. move the binary to the target machine


https://github.com/user-attachments/assets/d5e3f8e7-ba05-42f8-a533-21179cd77177


## References
https://nvd.nist.gov/vuln/detail/CVE-2025-27591
https://access.redhat.com/security/cve/cve-2025-27591
https://github.com/facebookincubator/below/commit/da9382e6e3e332fd2c3195e22f34977f83f0f1f3
https://github.com/BridgerAlderson/CVE-2025-27591-PoC/tree/main
File Snapshot

 [4.0K]  /data/pocs/2c4b0e985cb3a533b90e19dedb906475b8d7facd
├── [3.5K]  exploit.go
└── [ 476]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →