CVE-2025-25198

This repository contains a functional proof-of-concept exploit for CVE-2025-25198, which involves Host header poisoning in Mailcow. The PoC automates the process of spinning up an HTTPS listener, handling session cookies and CSRF tokens, and triggering a password reset with a poisoned Host header to capture the reset link.

The repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and functional code.

This repository contains a functional exploit for CVE-2025-25198, which manipulates the Host HTTP header in mailcow's password reset functionality to generate a password reset link pointing to an attacker-controlled domain. The exploit includes a Go-based HTTP server to capture the password reset token and a script to send the malicious request.