POC详情: 542df52030eedcc189376563cda57e589b8175ec

来源
关联漏洞
标题: N/A (CVE-2025-0994)
描述:Trimble Cityworks版本早于15.8.9以及Cityworks带office伴侣版本早于23.10存在反序列化漏洞。这可能会允许经过身份验证的用户对客户Microsoft Internet Information Services (IIS) 网络服务器执行远程代码攻击。
描述
Cityworks deserialization of untrusted data vulnerability PoC
介绍
# CVE-2025-0994

 ## How does this detection method work?

This Nuclei template extracts the version stored in the HTML body and based on the version we can determine whether the instance is vulnerable to CVE-2025-0994 or not. 

Patched version: 15.8.9

 ## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

## References

- https://thehackernews.com/2025/02/cisa-warns-of-active-exploitation-in.html
- https://www.shodan.io/search?query=title%3A%22Cityworks%22&page=1


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Contact

Feel free to reach out to me on [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) or via email: rishi@rxerium.com.
文件快照

[4.0K] /data/pocs/542df52030eedcc189376563cda57e589b8175ec ├── [ 981] README.md └── [1.1K] template.yaml 0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。