Code Injection Vulnerability in GAIR-NLP Factool Tool
CVE-2025-4261

4.8MEDIUM

Key Information:

Vendor
Gair-nlp
Status
Factool
Vendor
CVE Published:
5 May 2025

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A code injection vulnerability exists in the GAIR-NLP Factool, specifically within the run_single function of the tool.py script. This flaw allows for unauthorized execution of arbitrary code via local exploitation, posing significant security risks for users of the affected versions. The product employs a rolling release strategy, making it essential for users to stay updated on any patches or mitigations as version-specific details may vary. With this vulnerability disclosed to the public, users are advised to remain vigilant and implement necessary security measures.

Affected Version(s)

factool 3f3914bc090b644be044b7e0005113c135d8b20f

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-4261 - Proof of Concept

References

https://vuldb.com/?id.307365
vdb-entrytechnical-description
https://vuldb.com/?ctiid.307365
signaturepermissions-required
https://vuldb.com/?submit.562942
third-party-advisory

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

ybdesire (VulDB User)
.
CVE-2025-4261 : Code Injection Vulnerability in GAIR-NLP Factool Tool | SecurityVulnerability.io