{"uuid": "e601cbd7-5cc3-4d28-9174-f00be3702ab1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24071", "type": "published-proof-of-concept", "source": "https://t.me/cybersecplayground/140", "content": "\u26a0\ufe0fCVE-2025-24071\n\nallows Windows Explorer to automatically initiate an SMB authentication request when a .library-ms file is extracted from a .rar archive. This leads to an NTLM hash disclosure without user interaction. \ud83d\udea8\n\n\ud83d\udd0d Key Details:\n\nImpact: NTLM hash leak\nTrigger: Extracting a .rar archive containing a .library-ms file\n\nExploitation: The extracted file initiates an SMB request to an attacker's controlled server, revealing authentication credentials.\n\ud83d\udd17 PoC & More Info:\n\ud83d\udc49 https://github.com/0x6rss/CVE-2025-24071_PoC\n\n#CyberSecurity #Exploit #NTLM #Windows #BugBounty #InfoSec", "creation_timestamp": "2025-03-19T08:40:40.000000Z"}