CVE-2025-0411

This repository contains a proof-of-concept exploit for CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in 7-Zip. The exploit demonstrates how a crafted archive can bypass security warnings, allowing arbitrary code execution via a shellcode loader.

This repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate real-world exploitation techniques with clear technical details.

The repository contains a functional proof-of-concept exploit for CVE-2025-0411, which bypasses the Mark-of-the-Web protection mechanism in 7-Zip versions before 24.09. The exploit involves a double-compressed archive that, when extracted, does not propagate the MotW flag, allowing arbitrary code execution via a shellcode loader (calc.exe).

This PoC demonstrates CVE-2025-0411, a Mark-of-the-Web bypass in 7-Zip versions before 24.09. It includes a loader that executes calc.exe via shellcode, showcasing how extracted files lose their MotW, enabling arbitrary code execution.

This PoC exploits CVE-2025-0411 by executing a shellcode payload via memory allocation and thread creation. The README suggests it requires user interaction and leverages a lack of MotW (Mark of the Web) in versions before 24.09.

This PoC demonstrates CVE-2025-0411, a vulnerability in 7-Zip that bypasses Windows' Mark-of-the-Web (MoTW) by exploiting nested archive extraction. It compiles a C++ executable containing shellcode and compresses it into nested 7z archives to trigger the vulnerability.

The repository claims to be a PoC for CVE-2025-0411 but instead promotes a cheating tool for the game Rust, with no actual exploit code or technical details related to the CVE. The download links and content are misleading and unrelated to the stated vulnerability.

This repository contains only a README file describing CVE-2025-0411, a 7-Zip Mark-of-the-Web bypass vulnerability. No exploit code or technical details are provided.