
CVE-2025-6384 PoC — Improper Control of Dynamically-Managed Code Resources in Crafter Studio

Associated Vulnerability
Title: Improper Control of Dynamically-Managed Code Resources in Crafter Studio (CVE-2025-6384)
Description: Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution). This issue affects CrafterCMS: from 4.0.0 through 4.2.2.
Description
CVE-2025-6384: Groovy Sandbox Bypass 2 in CrafterCMS
Readme
# CVE-2025-6384: Groovy Sandbox Bypass 2 in CrafterCMS

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

### Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found [here](https://craftercms.com/docs/current/security/advisory.html#cv-2025061901)

### Requirements:

This vulnerability requires:

- Valid user credentials

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2025-6384/blob/main/CrafterCMS%20-%20CVE-2025-6384.pdf).
File Snapshot

[4.0K] /data/pocs/d9422671fa8e82ea1cf72db2d5cfddcd5fafadc1
├── [1.7M] CrafterCMS - CVE-2025-6384.pdf
└── [ 677] README.md

0 directories, 2 files