Exploitation Summary
EIP tracks 2 public exploits for CVE-2025-34115.
PoCs published by hyp3rlinx, h00die <[email protected]>, hyp3rlinx, including Metasploit module exploits/linux/http/op5_config_exec.
AI-analyzed exploit summary This exploit demonstrates a Remote Command Execution (RCE) vulnerability in op5 Monitor v7.1.9 via a CSRF entry point in the 'cmd_str' parameter of 'command_test.php'. The PoC uses a GET request to execute arbitrary commands, such as reading '/etc/passwd' and exfiltrating the data via netcat.
Description
An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via the 'cmd_str' parameter in the command_test.php endpoint. A user with access to the web interface can exploit the 'Test this command' feature to execute arbitrary shell commands as the unprivileged web application user. The vulnerability resides in the configuration section of the application and requires valid login credentials with access to the command testing functionality. This issue is fixed in version 7.2.0.
Exploits (2)
This exploit demonstrates a Remote Command Execution (RCE) vulnerability in op5 Monitor v7.1.9 via a CSRF entry point in the 'cmd_str' parameter of 'command_test.php'. The PoC uses a GET request to execute arbitrary commands, such as reading '/etc/passwd' and exfiltrating the data via netcat.
This Metasploit module exploits a command injection vulnerability in op5 Monitor v7.1.9 and below by abusing the 'Test this command' feature in the configuration page to execute arbitrary commands as an unprivileged user. It includes authentication handling and a cmdstager for payload delivery.
References (4)
Scores
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N