Arbitrary File Disclosure in Vite Dev Server via ?inline&import / ?raw&import
CVE-2025-31125 is an improper access control vulnerability in the Vite development server. When a Vite dev server is explicitly exposed to the network, an attacker can use crafted import query patterns such as ?inline&import or ?raw&import to bypass intended file access restrictions, including server.fs.deny protections, and cause the server to return the contents of non-allowed files to the browser. The issue affects exposed development instances rather than default localhost-only deployments. The vulnerability was fixed in Vite versions 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11.
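The two actionable facts in the advisory are the fixed release list and the query pattern the bypass relies on. The following JavaScript is an added example written for this page, not code from Vite or from any of the repositories listed below. It classifies an installed Vite version against the fixed releases named above (6.2.4, 6.1.3, 6.0.13, 5.4.16, 4.5.11; major lines the advisory does not name are reported as "not covered") and flags dev-server request paths carrying the `?raw&import` / `?inline&import` combination in a constructed, simplified access log. The log format and the `/@fs/...` sample paths are assumptions for illustration, and the query check is a heuristic for triage, not a guarantee of exploitation.

```javascript
// Added example (not Vite's code): assess a Vite version against the advisory's
// fixed releases and flag the bypass query pattern in constructed log lines.

// Fixed releases named in the advisory.
const FIXED_RELEASES = [
  [6, 2, 4],
  [6, 1, 3],
  [6, 0, 13],
  [5, 4, 16],
  [4, 5, 11],
];

// Parse "major.minor.patch" (optional leading "v", trailing tags ignored).
function parseSemver(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(version.trim());
  if (!m) throw new Error(`unparseable version: ${version}`);
  return m.slice(1, 4).map(Number);
}

// Returns true (below the fix on its line), false (at or above the fix),
// or null when the major line is not covered by the advisory.
function isVulnerableVite(version) {
  const [major, minor, patch] = parseSemver(version);
  const sameMajor = FIXED_RELEASES.filter(([fm]) => fm === major);
  if (sameMajor.length === 0) return null;

  const sameMinor = sameMajor.find(([, fmin]) => fmin === minor);
  if (sameMinor) return patch < sameMinor[2];

  // No backported fix on this minor line: a minor below the newest fixed
  // minor for this major predates the patch; a higher minor was cut after it.
  const newestFixedMinor = Math.max(...sameMajor.map(([, fmin]) => fmin));
  return minor < newestFixedMinor;
}

// True when a request path combines the `import` query with `raw` or `inline`,
// the pattern the advisory describes. A base origin is needed only for parsing.
function usesBypassQuery(requestPath) {
  const q = new URL(requestPath, 'http://dev.invalid').searchParams;
  return q.has('import') && (q.has('raw') || q.has('inline'));
}

// Constructed sample log lines in a simplified "METHOD PATH STATUS" shape
// (assumed format, not real Vite output). The paths are illustrative.
const SAMPLE_LOG = [
  'GET /src/main.ts 200',
  'GET /@fs/home/dev/app/.env?raw&import 200',
  'GET /src/logo.svg?inline 200',
  'GET /@fs/home/dev/app/config/local.json?inline&import 200',
  'GET /node_modules/.vite/deps/react.js?v=abc123 200',
];

// Return the request paths in `lines` that carry the bypass query pattern.
function flagSuspiciousRequests(lines) {
  const hits = [];
  for (const line of lines) {
    const parts = line.split(' ');
    if (parts.length < 2) continue;
    const path = parts[1];
    if (usesBypassQuery(path)) hits.push(path);
  }
  return hits;
}

// Stand-alone run: report the sample findings.
for (const v of ['6.2.3', '6.2.4', '5.3.2', '4.5.11', '3.2.0']) {
  console.log(`vite ${v}: ${isVulnerableVite(v)}`);
}
console.log('flagged requests:', flagSuspiciousRequests(SAMPLE_LOG));
```

Feed `isVulnerableVite` the version reported by `npm ls vite` for each project, and point `flagSuspiciousRequests` at whatever request log sits in front of an exposed dev server; a `null` result means the major line is outside the advisory's scope and needs a separate check rather than a pass.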
Exploits
4 valid exploits after Mallory filtered fakes, detection scripts, and README-only repos (1 hidden).
This repository contains a Python proof-of-concept exploit for CVE-2025-31125, a path traversal vulnerability in the Vite Development Server's @fs endpoint. The exploit (exploit.py) allows an attacker to retrieve sensitive files from the server, such as /etc/passwd and /etc/hosts, by sending crafted HTTP GET requests to the vulnerable endpoint. The server's response is expected to contain base64-encoded file contents, which the script decodes and displays or saves to an output file. The exploit can target a single URL or scan multiple URLs from a file. The README.md provides usage instructions and context. The exploit is network-based and requires the Vite server to be accessible and vulnerable. No fake or destructive actions are present; the code is focused on file read via path traversal.
This repository contains a Python proof-of-concept exploit for CVE-2025-31125, a path traversal vulnerability in the Vite development server's @fs endpoint. The exploit consists of a single script (exploit.py) and a README.md with usage instructions. The script allows an attacker to send crafted HTTP requests to a Vite server, attempting to access sensitive files such as /etc/passwd and /etc/hosts by exploiting the path traversal flaw. The responses are expected to contain base64-encoded file contents, which the script decodes and displays or saves to an output file. The exploit can target a single URL or multiple URLs from a file. The main entry point is exploit.py, which uses the requests and colorama libraries for HTTP communication and colored output. No hardcoded IPs or domains are present; the user supplies the target(s). The exploit is a POC and does not provide post-exploitation capabilities beyond file read.
This repository provides a proof-of-concept (PoC) exploit for CVE-2025-31125, a path traversal vulnerability in the Vite development server's @fs endpoint. The exploit is implemented in Python (exploit.py) and allows an attacker to retrieve arbitrary files from a vulnerable Vite server by sending crafted HTTP GET requests to the /@fs endpoint with a specified file path (e.g., /etc/passwd, /etc/shadow, /etc/hosts, or Windows files like win.ini). The script supports both single and multiple targets, allows custom file paths, and can disable SSL verification for testing. It extracts and decodes any base64-encoded WASM content found in the server's response. The repository also includes a YAML file (CVE-2025-31125.yaml) suitable for automated scanners (e.g., Nuclei), a README with detailed usage instructions, and standard project files. The exploit targets Vite development servers exposed to the network and is effective on both Linux and Windows platforms if the server is unpatched. No weaponized or post-exploitation payloads are included; the exploit is strictly for file read (LFI) via path traversal.
This repository, 'ViteVulScan', is a Go-based operational exploit tool targeting three Vite development server vulnerabilities: CVE-2025-30208, CVE-2025-31125, and CVE-2025-31486. The tool enables detection and exploitation of arbitrary file read vulnerabilities on both Linux and Windows platforms. It supports single-target and batch exploitation, including integration with the Fofa asset search platform for mass scanning. The main logic is implemented in the 'cmd' directory, with separate modules for each CVE, command-line parsing, Fofa integration, and exploitation routines. Sensitive file paths for exploitation are provided in the 'dict' directory for both Linux and Windows. The tool can perform deep exploitation, reading and saving a wide range of sensitive files from vulnerable servers. Results are saved in a structured format under the 'result' directory. The repository is mature, operational, and suitable for both targeted and mass exploitation scenarios.
Recent activity
31 sources tracked across advisories, community write-ups, and news.
An improper access control vulnerability in Vite that allows attackers to bypass server.fs.deny restrictions (via crafted query parameters) and read sensitive files that should be blocked, leading to unauthorized data exposure.
An improper access control vulnerability in Vitejs that could allow exposure of non-allowed files.
An improper access control issue in Vite dev servers that can allow unauthorized file disclosure via crafted query parameters, risking source code and secret leakage.
Improper access control in Vite (ViteJS) that can expose contents of non-allowed files when the Vite development server is exposed to the network.