CVE-2025-63406

HIGH

Intermesh BV GroupOffice <25.0.47,6.8.136 - RCE

Title source: llm

Description

An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi() and eval() in the FunctionField.php

Exploits (4)

nomisec WORKING POC 4 stars

by Nxvh1337 · poc

https://github.com/Nxvh1337/CVE-2025-63406-PoC

View Code ZIP pw:eip

nomisec WORKING POC 4 stars

by WinDyAlphA · poc

https://github.com/WinDyAlphA/CVE-2025-63406-PoC

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by richard-natan · poc

https://github.com/richard-natan/PoC-CVE-2025-63406

View Code ZIP pw:eip

github WORKING POC 2 stars

by adminlove520 · pythonpoc

https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2025/CVE-2025-63406

View Code ZIP pw:eip

References (2)

[Exploit] https://github.com/WinDyAlphA/CVE-2025-63406-PoC

[Exploit, Third Party Advisory] https://noahheraud.com/posts/CVE-2025-63406/

Scores

CVSS v3 8.8

EPSS 0.0057

EPSS Percentile 68.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-77

Status published

Products (1)

group-office/group_office < 6.8.136

Published Nov 13, 2025

Tracked Since Feb 18, 2026