theshit vulnerable to unsafe loading of user-owned Python rules when running as root
Platform
rust
Component
theshit
Fixed versions
0.1.2
0.1.1
CVE-2025-69257 describes a Local Privilege Escalation (LPE) vulnerability in theshit. When the tool is run with elevated privileges (for example via sudo), it still loads custom Python rules and configuration files from locations owned and writable by an unprivileged user, so a local attacker who can write those files gets arbitrary Python executed with the privileges of the invoking process, typically root. The vulnerability affects versions of theshit prior to 0.1.1; a fix is available in version 0.1.1.
Impact and attack scenarios
The vulnerability stems from the application's failure to validate the ownership and permissions of custom Python rules and configuration files loaded from user-writable locations such as ~/.config/theshit/. When the application is executed with elevated privileges (e.g. under sudo), it continues to trust these files even though they are owned by, and writable by, an unprivileged user. A local attacker who can write to that directory therefore gets arbitrary Python code run in the privileged process, which amounts to full control of the host. The potential impact includes complete system compromise, data exfiltration and the installation of persistent malware. This is the classic LPE pattern of a privileged process trusting user-controlled files instead of checking who owns them and who can write them.
Exploitation context
CVE-2025-69257 was published on 2025-12-30. The EPSS score listed below (0.01%, 0th percentile) is an initial value and may be revised. There are currently no publicly available proof-of-concept exploits, and the vulnerability is not listed in the CISA KEV catalog at the time of writing.
Who is at risk
Users running theshit versions prior to 0.1.1 are at risk whenever the tool is invoked with elevated privileges (for example under sudo) while it still loads custom Python rules or configuration files from user-writable locations such as ~/.config/theshit/. Developers and system administrators who have customised the tool's behaviour this way are the most exposed, as are hosts with shared or multi-user accounts where another local user can write to those paths.
Detection steps
• linux / server:
find ~/.config/theshit/ -type f -perm -002 -print
This lists world-writable rule and configuration files. It does not catch files that are merely owned by an unprivileged user, or that are group-writable, and those are just as dangerous once theshit runs as root: check the owner and mode of the directory and of every file in it, not only the world-writable bit, and confirm that the installed version is 0.1.1 or later.
• linux / server:
journalctl -u theshit | grep -i "python rule"
Only meaningful if theshit is run as a systemd unit; as an interactive shell helper it normally leaves no journal entries.
• generic web: not applicable. theshit is a local command-line tool with no HTTP endpoint, so an HTTP header check tells you nothing about this CVE.
Attack timeline
- Disclosure
Threat intelligence
Exploitation status
EPSS
0.01% (0th percentile)
CISA SSVC
CVSS vector
What do these metrics mean?
- Attack Vector
- Local: the attacker needs a local session or shell on the system.
- Attack Complexity
- Low: no special conditions are required; the vulnerability can be exploited reliably.
- Privileges Required
- Low: any valid user account suffices.
- User Interaction
- Required: a victim must act (for this CVE, a privileged user must run theshit so that the attacker-written rule is loaded).
- Scope
- Unchanged: the impact is confined to the vulnerable component's own security authority.
- Confidentiality
- High: total loss of confidentiality; the attacker can read all data.
- Integrity
- High: the attacker can write, modify or delete any data.
- Availability
- High: complete crash or resource exhaustion, a total denial of service.
Affected software
Weakness classification (CWE)
Timeline
- Reserved
- Published
- Modified
- EPSS updated
Mitigations and alternatives
The primary mitigation for CVE-2025-69257 is to upgrade to version 0.1.1 or later, which includes the ownership and permission checks. If upgrading is not immediately feasible, stop running theshit under sudo or as root, and make sure that ~/.config/theshit/ and every rule or configuration file in it are owned by root and are not writable by any unprivileged user before a privileged invocation loads them. Filtering the content of the rule files is not a substitute: custom rules are Python code by design, so the only meaningful control is who may write them. A WAF or proxy is irrelevant here, since theshit is a local command-line tool with no network surface. After upgrading, confirm the fix by placing a harmless test rule owned by an unprivileged user in the directory and running theshit under sudo; the patched version should refuse to load it rather than execute it.
Remediation
Upgrade to version 0.1.1 or later. If upgrading is not possible, avoid running the application with `sudo` or as the root user. As a temporary mitigation, ensure that the directories containing custom rules and configuration files are owned by root and are not writable by non-root users.
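The ownership and write-permission check that the impact and remediation sections describe, as an added example in Rust; this is not code from the theshit project. It assumes a loader that is handed the process's effective uid (a real tool would obtain it from libc's geteuid()), and the stand-alone demo builds a constructed rule directory under the system temp dir; the function and directory names are hypothetical.

```rust
// Added example, not theshit's own code: refuse custom Python rule files that
// the effective user does not own, or that someone else can write, before
// they ever reach the interpreter.
use std::fs;
use std::io;
use std::os::unix::fs::MetadataExt;
use std::path::{Path, PathBuf};

/// Why a rule file (or its directory) was refused.
#[derive(Debug, PartialEq, Eq)]
pub enum Refusal {
    /// Owned by someone other than the effective uid of this process.
    WrongOwner { owner: u32, expected: u32 },
    /// Group- or world-writable, so a different user could have modified it.
    OthersCanWrite { mode: u32 },
    /// Symlinks are refused outright: the target could live anywhere.
    Symlink,
}

/// Pure policy: the effective uid must own the path and nobody else may
/// write it. Under sudo euid is 0, so a rule owned by uid 1000 in the
/// invoking user's ~/.config is refused instead of being executed as root.
pub fn check_trust(owner_uid: u32, mode: u32, euid: u32) -> Result<(), Refusal> {
    if owner_uid != euid {
        return Err(Refusal::WrongOwner { owner: owner_uid, expected: euid });
    }
    if mode & 0o022 != 0 {
        return Err(Refusal::OthersCanWrite { mode: mode & 0o777 });
    }
    Ok(())
}

/// Apply `check_trust` to one path without following symlinks.
/// Outer Err = I/O failure; inner Err = policy refusal.
pub fn vet_path(path: &Path, euid: u32) -> io::Result<Result<(), Refusal>> {
    let meta = fs::symlink_metadata(path)?;
    if meta.file_type().is_symlink() {
        return Ok(Err(Refusal::Symlink));
    }
    Ok(check_trust(meta.uid(), meta.mode(), euid))
}

/// Read a rule's source only after its directory and the file itself pass the
/// trust check. The directory matters too: a directory others can write lets
/// an attacker swap the file even when the current file looks fine.
pub fn load_rule_source(path: &Path, euid: u32) -> io::Result<String> {
    let dir = path.parent().unwrap_or_else(|| Path::new("."));
    for p in [dir, path] {
        if let Err(why) = vet_path(p, euid)? {
            return Err(io::Error::new(
                io::ErrorKind::PermissionDenied,
                format!("refusing {}: {:?}", p.display(), why),
            ));
        }
    }
    fs::read_to_string(path)
}

/// Detection helper: every `.py` file directly under `dir` (and `dir` itself)
/// that a process with effective uid `euid` should not trust, with the reason.
pub fn untrusted_rules(dir: &Path, euid: u32) -> io::Result<Vec<(PathBuf, Refusal)>> {
    let mut out = Vec::new();
    if let Err(why) = vet_path(dir, euid)? {
        out.push((dir.to_path_buf(), why));
    }
    for entry in fs::read_dir(dir)? {
        let path = entry?.path();
        if path.extension().map_or(false, |e| e == "py") {
            if let Err(why) = vet_path(&path, euid)? {
                out.push((path, why));
            }
        }
    }
    Ok(out)
}

fn main() -> io::Result<()> {
    // Stand-alone demo on a constructed rule directory (hypothetical name).
    // The owner of the directory we just created stands in for "our" uid;
    // we then pretend the tool was run under sudo (euid 0).
    let dir = std::env::temp_dir().join("theshit-rules-demo");
    fs::create_dir_all(&dir)?;
    let rule = dir.join("custom_rule.py");
    fs::write(&rule, "def match(command):\n    return True\n")?;
    let my_uid = fs::metadata(&dir)?.uid();

    println!("as owner (uid {}): {:?}", my_uid, load_rule_source(&rule, my_uid).map(|s| s.len()));
    println!("as root  (uid 0): {:?}", load_rule_source(&rule, 0).map(|s| s.len()));
    println!("untrusted for root: {:?}", untrusted_rules(&dir, 0)?);
    fs::remove_dir_all(&dir)
}
```

Under sudo the effective uid is 0, so a rule file owned by uid 1000 fails with `WrongOwner` and is never handed to the Python interpreter; running the same check on the parent directory closes the swap-the-file variant. `untrusted_rules` is the identical policy used the other way round, as a scan of what a root-run tool would otherwise have accepted.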
Frequently asked questions
What is CVE-2025-69257 — LPE in theshit?
CVE-2025-69257 is a Local Privilege Escalation vulnerability in theshit: when a version prior to 0.1.1 is run with elevated privileges, it loads user-owned Python rules and configuration files, so a local attacker who can write those files gets arbitrary code executed as the privileged user.
Am I affected by CVE-2025-69257 in theshit?
You are affected if you use a theshit version before 0.1.1 and run it with elevated privileges (for example under sudo) while it loads custom Python rules or configuration files from user-writable directories such as ~/.config/theshit/.
How do I fix CVE-2025-69257 in theshit?
Upgrade to version 0.1.1 or later. As a temporary workaround, stop running theshit under sudo or as root, and make sure the rule and configuration directories are owned by root and not writable by unprivileged users; filtering the rules' contents does not help, since they are executable Python by design.
Is CVE-2025-69257 being actively exploited?
There are currently no reports of active exploitation, but the vulnerability is considered HIGH severity and should be addressed promptly.
Where can I find the official theshit advisory for CVE-2025-69257?
Refer to the official theshit project's website or security mailing list for the latest advisory regarding CVE-2025-69257.