Share
## https://sploitus.com/exploit?id=8AF0492B-0418-5FC6-821D-67A50D652EAA
# CVE-2025-54068 - Livewire (v3.6.3) Vulnerable Lab

This folder builds a minimal Laravel + Livewire v3 application pinned to **Livewire 3.6.3** (vulnerable) for reproducing **CVE-2025-54068**.

The mounted component is intentionally written to be compatible with the public exploit chain (it allows the stage-1 cast-to-array step).

## Quickstart

```bash
docker compose up -d --build
```

Open:
- `http://localhost:18081/`

## Validate (safe PoC)

This runs a two-step request sequence similar to public exploit chains, but uses an **in-band marker** (`echo`) as a safe proof.

```bash
python3 scripts/poc.py http://localhost:18081/
```

## Cleanup

```bash
docker compose down -v
```