Share
## https://sploitus.com/exploit?id=C42F97AF-C792-5433-9B26-EEB1F8D2210B
#  CVE-2025-8110

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.

##  How does this detection method work?

Extracts the Gogs version from the footer of /user/login via regex (Gogs Version: X.X.X) and flags instances running version 0.13.3 or earlier as vulnerable to CVE-2025-8110.

##  How do I run this script?

1. Download and install [Nuclei](https://github.com/projectdiscovery/nuclei).
2. Clone this repostory to your local system.
3. Run the following command: 
```sh
nuclei -u  -t template.yaml
```

Or if you would like to scan a list of hosts, execute:
```sh
nuclei -l  -t template.yaml
```

##  References

- https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit
- https://github.com/projectdiscovery/nuclei


##  Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

---

##  License

This project is licensed under the MIT License.

##  Contact

If you have any questions about this vulnerability detection script please reach out to me via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw).

If you would like to connect, I am mostly active on [Twitter/X](https://x.com/rxerium) and [LinkedIn](https://www.linkedin.com/in/rxerium/).