### [CVE-2025-27591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27591)
![](https://img.shields.io/static/v1?label=Product&message=below&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Incorrect%20Permission%20Assignment%20for%20Critical%20Resource%20(CWE-732)&color=brightgreen)

### Description

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/00xCanelo/CVE-2025-27591
- https://github.com/BridgerAlderson/CVE-2025-27591-PoC
- https://github.com/Cythonic1/CVE-2025-27591
- https://github.com/DarksBlackSk/CVE-2025-27591
- https://github.com/Diabl0xE/CVE-2025-27519
- https://github.com/HOEUN-Visai/CVE-2025-27591-below-
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/Thekin-ctrl/CVE-2025-27591-Below
- https://github.com/alialucas7/CVE-2025-27591_PoC
- https://github.com/avina5hr/Cyber-security
- https://github.com/benkyouGH/RandomScripts
- https://github.com/benkyousec/RandomScripts
- https://github.com/danil-koltsov/below-log-race-poc
- https://github.com/dollarboysushil/Linux-Privilege-Escalation-CVE-2025-27591
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/incommatose/CVE-2025-27591-PoC
- https://github.com/mridulchamoli93/htb-md-
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/obamalaolu/CVE-2025-27591
- https://github.com/rvizx/CVE-2025-27591
- https://github.com/umutcamliyurt/CVE-2025-27591
- https://github.com/yembors64632/cve_monitor_Public