CVE-2025-0364

CRITICAL

BigAntSoft BigAnt Server <5.6.06 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-0364. PoCs published by vulncheck-oss.

AI-analyzed exploit summary This repository contains a Go-based exploit for CVE-2025-0364, which targets BigAntSoft BigAnt Server. The exploit bypasses authentication via SaaS account registration and uploads a malicious PHP file to achieve unauthenticated remote code execution.

Description

BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the attacker can upload and execute arbitrary PHP code using the "Cloud Storage Addin," leading to unauthenticated code execution.

Exploits (1)

nomisec WORKING POC 6 stars
by vulncheck-oss · poc
https://github.com/vulncheck-oss/cve-2025-0364

This repository contains a Go-based exploit for CVE-2025-0364, which targets BigAntSoft BigAnt Server. The exploit bypasses authentication via SaaS account registration and uploads a malicious PHP file to achieve unauthenticated remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: BigAntSoft BigAnt Server <= 5.6.06
No auth needed
Prerequisites: Network access to the target server · CAPTCHA solving capability
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory
https://github.com/vulncheck-oss/cve-2025-0364

Scores

CVSS v3 9.8
EPSS 0.0178
EPSS Percentile 75.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-288
Status published
Products (2)
BigAntSoft/BigAnt Server < 5.6.06
bigantsoft/bigant_server < 5.6.06
Published Feb 04, 2025
Tracked Since Feb 18, 2026