CVE-2025-0868

CRITICAL EXPLOITED NUCLEI

NPM Docsgpt - Remote Code Execution

Description

A vulnerability that could result in Remote Code Execution (RCE) has been found in DocsGPT. Due to improper parsing of JSON data using eval(), an unauthorized attacker could send arbitrary Python code to be executed via the /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Shreyas Malhotra · python · webapps · python
https://www.exploit-db.com/exploits/52145
github WORKING POC 40 stars
by iSee857 · python · poc
https://github.com/iSee857/CVE-PoC/tree/main/DocsGPT-CVE-2025-0868-RCE.py
nomisec WORKING POC
by aidana-gift · remote
https://github.com/aidana-gift/CVE-2025-0868

Nuclei Templates (1)

DocsGPT - Unauthenticated Remote Code Execution
CRITICAL VERIFIED by iamnoooob, rootxharsh, pdresearch
FOFA: body="Welcome to DocsGPT"

Scores

CVSS v4 9.3
EPSS 0.1590
EPSS Percentile 94.8%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

VulnCheck KEV 2025-06-08
CWE CWE-95
Status published
Products (2)
Arc53/DocsGPT 0.8.1 - 0.12.0
npm/docsgpt 0.8.1 npm
Published Feb 20, 2025
Tracked Since Feb 18, 2026