CVE-2025-13925 IBM Aspera Console日志敏感信息泄露漏洞

# CVE-2025-13925 PoC - IBM Aspera Console Log Information Disclosure # This PoC demonstrates the vulnerability where sensitive information is stored in log files import os import re from pathlib import Path def check_aspera_console_logs(): """ Check for IBM Aspera Console log files that may contain sensitive information. This PoC simulates the vulnerability check for CVE-2025-13925 """ # Common log locations for IBM Aspera Console log_paths = [ '/var/log/aspera/console/', '/opt/aspera/console/logs/', 'C:\\Program Files\\Aspera\\Console\\logs\\', os.path.expanduser('~/.aspera/console/logs/') ] # Sensitive patterns that should not appear in logs sensitive_patterns = [ r'password[=:]\s*\S+', r'token[=:]\s*\S+', r'api[_-]?key[=:]\s*\S+', r'secret[=:]\s*\S+', r'Bearer\s+\S+', r'Authorization:\s*\S+', r'connection[_-]?string[=:]\s*\S+' ] findings = [] for log_path in log_paths: if os.path.exists(log_path): log_files = list(Path(log_path).glob('*.log')) for log_file in log_files: try: with open(log_file, 'r', encoding='utf-8', errors='ignore') as f: content = f.read() for pattern in sensitive_patterns: matches = re.findall(pattern, content, re.IGNORECASE) if matches: findings.append({ 'file': str(log_file), 'pattern': pattern, 'matches': matches }) except Exception as e: print(f"Error reading {log_file}: {e}") if findings: print("[!] Vulnerable: Sensitive information found in logs") for finding in findings: print(f" File: {finding['file']}") print(f" Pattern: {finding['pattern']}") print(f" Matches: {finding['matches']}") else: print("[+] No sensitive information detected in logs") return findings if __name__ == '__main__': print("CVE-2025-13925 IBM Aspera Console Log Information Disclosure Check") print("=" * 70) check_aspera_console_logs()