Exploit for CVE-2025-0167

When asked to use a `.netrc` file for credentials **and** to follow HTTP
redirects, curl could leak the password used for the first host to the
followed-to host under certain circumstances.

This flaw only manifests itself if the netrc file has a `default` entry that
omits both login and password. A rare circumstance.

Published: 2025-02-05

CVSS: 3.4

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

Download Exploit for CVE-2025-0167 here:

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

https://augustaverburg.nl/exploit-393-cve-2025-48633/

https://augustaverburg.nl/exploit-458-cve-2025-62240/

https://augustaverburg.nl/exploit-40-cve-2016-4171/

https://augustaverburg.nl/exploit-219-cve-2025-62255/

 

 

Copyright: Augusta Verburg

Website door: Webheld.nl