add CVE-2022-25237 ：Bonitasoft Platform 从认证绕过到RCE

CVE-2022-25372：Local Privilege Escalation In Pritunl VPN Client
2025-08-13 11:28:28 +00:00 · 2022-05-31 10:38:59 +08:00 · 2022-05-31 10:38:59 +08:00 · 30578f1e3b
commit 30578f1e3b
parent c21898ae11
2 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -253,6 +253,7 @@
 - [CVE-2022-1388-EXP：CVE-2022-1388 F5 BIG-IP RCE 批量检测](https://github.com/bytecaps/CVE-2022-1388-EXP)|[CVE-2022-1388 nuclei 模板](https://github.com/numanturle/CVE-2022-1388)|[CVE-2022-1388：另一个扫描脚本](https://github.com/0xf4n9x/CVE-2022-1388)
 - [CVE-2022-24734： MyBB论坛后台 RCE](https://github.com/Altelus1/CVE-2022-24734)
 - [CVE-2022-0540：Atlassian Jira Seraph Authentication Bypass RCE](https://github.com/Pear1y/CVE-2022-0540-Preauth-RCE)
+- [CVE-2022-25237：Bonitasoft Platform 从认证绕过到RCE](https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2022-25237)

 ## <span id="head5"> 提权辅助相关</span>

@ -458,6 +459,8 @@

 - [CVE-2022-1015：Linux 权限提升漏洞](https://github.com/pqlx/CVE-2022-1015)

+- [CVE-2022-25372：Local Privilege Escalation In Pritunl VPN Client](https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2022-25372)
+
 ## <span id="head7"> tools-小工具集版本合</span>

 - [java环境下任意文件下载情况自动化读取源码的小工具](https://github.com/Artemis1029/Java_xmlhack)
@ -1583,6 +1586,7 @@
 - [sec-note：记录各语言、框架中危险的sink](https://github.com/haby0/sec-note)
 - [JavaVulnSummary：Java漏洞分析汇合](https://github.com/R17a-17/JavaVulnSummary)
 - [GetDomainAdmin：获取域控权限的几种方式](https://github.com/JDArmy/GetDomainAdmin)
+- [CVE-2022-25237 Bonitasoft Platform 从认证绕过到未公开反序列化漏洞发现之旅](./books/CVE-2022-25237%20Bonitasoft%20Platform%20从认证绕过到未公开反序列化漏洞发现之旅.pdf)

 ## <span id="head9"> 说明</span>

--- a/从认证绕过到未公开反序列化漏洞发现之旅.pdf
+++ b/从认证绕过到未公开反序列化漏洞发现之旅.pdf