Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-25094 PoC — Tatsu < 3.3.12 - Unauthenticated RCE

Source
https://github.com/TUANB4DUT/typehub-exploiter
Associated Vulnerability
Title:Tatsu < 3.3.12 - Unauthenticated RCE (CVE-2021-25094)
Description:The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By adding a PHP shell with a filename starting with a dot ".", this can bypass extension control implemented in the plugin. Moreover, there is a race condition in the zip extraction process which makes the shell file live long enough on the filesystem to be callable by an attacker.
Description
GILANG - Exploiter for CVE-2021-25094
Readme
# typehub-exploiter
GILANG - Exploiter for CVE-2021-25094
referrence : https://darkpills.com/wordpress-tatsu-builder-preauth-rce-cve-2021-25094/
payload : site.com/wp-admin/admin-ajax.php
bug path : site.com/wp-content/uploads/typehub/custom/

Thanks to : Ibnudz, Dark clown security
greetz : Garuda Tersakti 72. Buitenzorg Syndicate.
File Snapshot

 [4.0K]  /data/pocs/9ed281a49b338e0260605debcbe4ef7632acd729
├── [ 11K]  LICENSE
├── [ 335]  README.md
├── [ 551]  sexploiter.sh
└── [4.6K]  zip.zip

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →