## https://sploitus.com/exploit?id=C42F97AF-C792-5433-9B26-EEB1F8D2210B
# CVE-2025-8110
Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.
## How does this detection method work?
Extracts the Gogs version from the footer of /user/login via regex (Gogs Version: X.X.X) and flags instances running version 0.13.3 or earlier as vulnerable to CVE-2025-8110.
## How do I run this script?
1. Download and install [Nuclei](https://github.com/projectdiscovery/nuclei).
2. Clone this repostory to your local system.
3. Run the following command:
```sh
nuclei -u -t template.yaml
```
Or if you would like to scan a list of hosts, execute:
```sh
nuclei -l -t template.yaml
```
## References
- https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit
- https://github.com/projectdiscovery/nuclei
## Disclaimer
Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.
---
## License
This project is licensed under the MIT License.
## Contact
If you have any questions about this vulnerability detection script please reach out to me via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw).
If you would like to connect, I am mostly active on [Twitter/X](https://x.com/rxerium) and [LinkedIn](https://www.linkedin.com/in/rxerium/).