CVE-2025-32023

This exploit targets a vulnerability in Redis (CVE-2025-32023) by crafting a malformed HyperLogLog (HLL) payload to trigger an integer overflow during a merge operation, potentially leading to remote code execution (RCE). The PoC connects to Redis, writes the malformed HLL, and triggers the overflow via pfcount.

This repository contains a working exploit for CVE-2025-32023, a vulnerability in Redis's HyperLogLog implementation that allows out-of-bounds writes due to integer overflow. The exploit achieves RCE by corrupting heap structures and leveraging Redis modules.

This repository contains functional exploit code for CVE-2025-32433, an Erlang OTP SSH vulnerability, demonstrating pre-authentication command execution via crafted SSH packets. The PoC includes a Dockerized vulnerable environment and a Python script to trigger the exploit.

The repository provides a detailed writeup for CVE-2025-32023, a remote code execution vulnerability in Redis affecting HyperLogLog operations due to an integer overflow. It includes technical details, mitigation steps, and references but lacks actual exploit code.

This repository contains a working exploit for CVE-2025-32023, a critical RCE vulnerability in Redis versions below 7.2.4. The exploit leverages a malformed HyperLogLog (HLL) structure to achieve arbitrary memory corruption and ROP chain execution, leading to remote code execution.