CVE-2025-34160
CRITICAL EXPLOITEDAnyShare < pre-August 2025 builds - Unauthenticated Remote Code Execution via ServiceAgent API
Title source: llmExploitation Summary
CVE-2025-34160 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/start_service accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. The vulnerability is presumed to affect builds released prior to August 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-07-11 UTC.
References (5)
Core 5
Core References
Various Sources technical-description
exploit
https://cn-sec.com/archives/4320091.html
Various Sources third-party-advisory
https://stack.chaitin.com/vuldb/detail/b4640952-9be9-4bfa-9d7f-a0be72b35e18
Various Sources product
patch
https://www.aishutech.com/en/anyshare-family7
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/anyshare-serviceagent-api-unauthenticated-rce
Various Sources product
https://www.aishu.cn/cn
Scores
CVSS v4
10.0
EPSS
0.0076
EPSS Percentile
50.4%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2025-07-11
CWE
CWE-78
Status
published
Products (2)
Shanghai Aishu Information Technology Co., Ltd./AnyShare
< 2025-08
Shanghai Aishu Information Technology Co., Ltd./AnyShare
< pre-August 2025 builds
Published
Aug 27, 2025
Tracked Since
Feb 18, 2026