CVE-2025-60751

HIGH

GeographicLib 2.5 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2025-60751. PoCs published by rosario, adminlove520, kaleth4.

AI-analyzed exploit summary This exploit demonstrates a stack buffer overflow in GeographicLib v2.5.1, leveraging a ROP chain to execute a shell. It uses hardcoded addresses for gadgets and system calls, requiring manual adjustment for different environments.

Description

GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode.

Exploits (4)

exploitdb WORKING POC
by rosario · pythonwebappsmultiple
https://www.exploit-db.com/exploits/52522

This exploit demonstrates a stack buffer overflow in GeographicLib v2.5.1, leveraging a ROP chain to execute a shell. It uses hardcoded addresses for gadgets and system calls, requiring manual adjustment for different environments.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GeographicLib <= v2.5.1
No auth needed
Prerequisites: Binary path to GeoConvert · ASLR disabled or known addresses · pwntools library
devstral-2 · analyzed Apr 30, 2026 Full analysis →
github SCANNER 2 stars
by adminlove520 · pythonpoc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2025/CVE-2025-60751

The repository contains a scanner for CVE-2024-21762, a Fortinet SSL VPN vulnerability, which checks if a target is vulnerable by sending crafted HTTP requests. It includes Python scripts to test individual hosts or lists of IPs.

Classification
Scanner 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Fortinet SSL VPN
No auth needed
Prerequisites: network access to the target · Python environment
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WORKING POC
by kaleth4 · poc
https://github.com/kaleth4/CVE-2025-60751

The repository contains a functional exploit for CVE-2025-60751, a stack-based buffer overflow in GeographicLib's DMS::InternalDecode function. The exploit uses a Ret2Libc attack with dynamic gadget location and stack alignment, demonstrating reliable remote code execution in a controlled environment.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GeographicLib <= v2.5.1
No auth needed
Prerequisites: GeographicLib <= v2.5.1 · ASLR disabled or leakable libc addresses · Stack protections disabled or bypassable
devstral-2 · analyzed May 07, 2026 Full analysis →
github WORKING POC
by zer0matt · pythonpoc
https://github.com/zer0matt/CVE-2025-60751

This repository contains a functional exploit for CVE-2025-60751, demonstrating a stack buffer overflow in Geographiclib's GeoConvert tool. The exploit uses a ROP chain to achieve arbitrary code execution via ret2libc.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Geographiclib <= v2.5.1
No auth needed
Prerequisites: Geographiclib <= v2.5.1 installed · ASLR bypass or address leakage
devstral-2 · analyzed May 17, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.0215
EPSS Percentile 79.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-121
Status published
Published Oct 21, 2025
Tracked Since Feb 18, 2026