Скачать или смотреть CVE‑2025‑49113 - Roundcube Post‑Auth Remote Code Execution (RCE) PoC | TryHackMe Lab Demo

Twitter: https://x.com/NullSecurityX
In this video I demonstrate a Proof of Concept exploit for CVE-2025-49113 a critical Post Authentication Remote Code Execution vulnerability affecting Roundcube Webmail versions prior to 1.5.10 and 1.6.11.

🔍 Vulnerability Overview:
CVE-2025-49113 occurs due to improper validation of the _GET['_from'] parameter in the program/actions/settings/upload.php script which allows PHP object deserialization attacks. This vulnerability lets an authenticated attacker execute arbitrary code on the server.

⚠️ Why This Matters:

Severity: CVSS score 9.9 Critical

Attack Vector: Requires valid credentials but low complexity

Impact: Affects thousands of Roundcube Webmail installations worldwide

🛠️ What You Will See in This Video:

Explanation of the vulnerability and its impact

Step-by-step PoC exploitation

TryHackMe lab walkthrough demonstrating the attack

Recommendations to fix the vulnerability by upgrading to versions 1.5.10 or 1.6.11 sanitizing inputs and monitoring uploads

Disclaimer: This video is for educational purposes only. Do not attempt to exploit systems without proper authorization.

CVE-2025-49113
Roundcube RCE
PHP Object Deserialization
Roundcube Webmail Exploit
Authenticated RCE
Remote Code Execution
Roundcube Security
CVE-2025
Roundcube Exploit
PHP Security
Webmail Vulnerability
Roundcube 1.6.10
Roundcube 1.5.9
Roundcube Update
Roundcube Patch
Roundcube 1.5.10
Roundcube 1.6.11
CVE-2025-49113 Exploit
CVE-2025-49113 PoC
Roundcube Mitigation
Roundcube Vulnerability
Roundcube PHP Deserialization
Roundcube Upload.php
Roundcube Security Update
Roundcube CVE
Roundcube CVE-2025-49113
Roundcube CVE-2025
Roundcube Exploit Mitigation
Roundcube Exploit Detection
Roundcube Exploit PoC
Roundcube Exploit CVE-2025-49113
Roundcube Exploit CVE-2025
Roundcube Exploit PoC CVE-2025-49113
Roundcube Exploit PoC CVE-2025