Share
## https://sploitus.com/exploit?id=30F52539-16AF-5AE1-BEBD-84F78C3AB426
# CVE-2025-10352 - Admin Account Creation PoC ๐Ÿ› ๏ธ
> Exploit for CVE-2025-10352: An unauthenticated endpoint in Melis Platform (melis-core) that allows creation of an administrator account via a crafted HTTP request to a specific admin endpoint.

![status](https://img.shields.io/badge/status-proof%20of%20concept-orange)
![request](https://img.shields.io/badge/request-raw%20HTTP-blue)

---

## ๐Ÿ”— Reference

- ๐Ÿ“„ Vendor advisory / internal ticket (attach when available)
- ๐Ÿ“„ PoC: `CVE-2025-10352.txt` (raw HTTP request exported from Burp)

---

## ๐Ÿš€ Description

This PoC targets an **unauthenticated administrative endpoint** in the `melis-core` module:

```
/melis/MelisCore/ToolUser/addNewUser
```

A remote unauthenticated attacker can submit a crafted request to this endpoint to create a new user with administrator privileges. Because the endpoint lacks proper authentication and authorization checks, the attacker gains persistent administrative access to the application.

**Impact includes:**
- Creation of persistent admin accounts.
- Full administrative takeover of the web application.
- Potential lateral movement, data exfiltration, and destructive actions.

---

## ๐Ÿ› ๏ธ Requirements

- Burp Suite (recommended) or any HTTP proxy that accepts raw HTTP requests.
- `curl`, `nc`/`netcat`, or `socat` for manual testing if you prefer CLI.
- Access to `CVE-2025-10352.txt` (raw HTTP request exported from Burp).
- Authorization to test the target system (see legal notice).

---

## ๐Ÿงช Usage

### Basic check (Burp Repeater)
1. Open Burp โ†’ Repeater.
2. Open `CVE-2025-10352.txt`, copy the raw HTTP request.
3. Paste into a new Repeater tab, set the proper host and press **Send**.
4. Check response for success (200/201/302 or JSON/text confirming creation).
5. Attempt login with the created credentials or confirm via the user listing endpoint.