## https://sploitus.com/exploit?id=F354B053-13FC-5D86-AFC6-896F8615D804
# CVE-2025-6018-and-CVE-2025-6019-Privilege-Escalation
This is just a quick note on how to exploit these vulnerabilities to get root.
Start by utilizing this tool on the attacker machine:
[[https://raw.githubusercontent.com/ibrahmsql/CVE-2025-6018/refs/heads/main/CVE-202](https://github.com/ibrahmsql/CVE-2025-6018)
You should now have a shell as the user. If it fails on HTB, just restart the machine if you can.
Then use this script locally on the attacker machine as sudo (Use Option L to generate):
[https://raw.githubusercontent.com/guinea-offensive-security/CVE-2025-6019/](https://github.com/guinea-offensive-security/CVE-2025-6019)
Once the xfs.image file is created, move both the script you ran locally and the xfs.image file to the victim using wget or SCP.
Run this before starting the sript:
export PATH=$PATH:/sbin:/usr/sbin
Run the CVE-2025-6019 script and use the option C.
You should now have root.