Main Vulnerability Database Exploits ID:11229 - Exploit for Embedded malicious code (backdoor) in changed-files - CVE-2025-30066

ID:11229 - Exploit for Embedded malicious code (backdoor) in changed-files - CVE-2025-30066

Published: March 18, 2025

Vulnerability identifier: #VU105790

Vulnerability risk: High

CVE-ID: CVE-2025-30066

CWE-ID: CWE-506

Exploitation vector: Remote access

Vulnerable software:
changed-files

Link to public exploit:

https://github.com/Checkmarx/Checkmarx-CVE-2025-30066-Detection-Tool

Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can discover secrets by reading actions logs.

Note, the vulnerability is being exploited in the wild.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:11229 - Exploit for Embedded malicious code (backdoor) in changed-files - CVE-2025-30066

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human