CVE-2025-0851

CRITICAL LAB

Ai.djl API < 0.31.1 - Path Traversal

Title source: rule

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-0851. PoCs published by skrkcb2, manus-use.

AI-analyzed exploit summary This repository describes a file traversal vulnerability (CVE-2025-0851) in the Deep Java Library's tar/zip extraction utility, allowing arbitrary file writes outside the intended directory during model loading. The issue arises from improper handling of absolute paths in `dest.resolve(name).toAbsolutePath()`, enabling path traversal attacks.

Description

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.

Exploits (2)

nomisec WRITEUP 1 stars

by skrkcb2 · poc

https://github.com/skrkcb2/CVE-2025-0851

View Code ZIP pw:eip

This repository describes a file traversal vulnerability (CVE-2025-0851) in the Deep Java Library's tar/zip extraction utility, allowing arbitrary file writes outside the intended directory during model loading. The issue arises from improper handling of absolute paths in `dest.resolve(name).toAbsolutePath()`, enabling path traversal attacks.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Deep Java Library (version not specified)

No auth needed

Prerequisites: Access to a system running the vulnerable Deep Java Library · Ability to craft a malicious tar/zip archive

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

github WORKING POC

by manus-use · postscriptpoc

https://github.com/manus-use/cve-pocs/tree/main/deep-java-library-CVE-2025-0851

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2025-32433, targeting Erlang/OTP SSH. The PoC demonstrates a pre-authentication RCE vulnerability by sending crafted SSH packets to execute arbitrary commands on the server.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Erlang/OTP SSH (OTP-22.3.4.17)

No auth needed

Prerequisites: network access to target SSH port · vulnerable Erlang/OTP version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (3)

Core 3

Core References

Release Notes patch

https://github.com/deepjavalibrary/djl/releases/tag/v0.31.1

Various Sources vendor-advisory

https://aws.amazon.com/security/security-bulletins/AWS-2025-003/

Vendor Advisory third-party-advisory

https://github.com/deepjavalibrary/djl/security/advisories/GHSA-jcrp-x7w3-ffmg

Scores

CVSS v3 9.8

EPSS 0.4369

EPSS Percentile 97.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Lab Environment

COMMUNITY

Community Lab

docker pull eclipse-temurin:17-jdk

https://github.com/skrkcb2/CVE-2025-0851

https://github.com/manus-use/cve-pocs

View in Library

Details

CWE

CWE-36 CWE-73

Status published

Products (2)

ai.djl/api 0 - 0.31.1Maven

AWS/DeepJavaLibrary 0.1.0 - 0.31.1

Published Jan 29, 2025

Tracked Since Feb 18, 2026