{"vulnerability": "CVE-2025-27090", "sightings": [{"uuid": "7a96ea10-2f8f-41be-ae90-f080a0c50a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27090", "type": "seen", "source": "https://t.me/cvedetector/18479", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27090 - Sliver Teamserver Unauthenticated Reverse Port Forwarding Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27090 \nPublished : Feb. 19, 2025, 10:15 p.m. | 27\u00a0minutes ago \nDescription : Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so. The only impact that has been shown is the exposure of the server's IP address to a third party. This issue has been addressed in version 1.5.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T23:46:02.000000Z"}, {"uuid": "f2eba248-3aca-4946-8a24-99d05d6db3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27090", "type": "exploited", "source": "https://t.me/suboxone_chatroom/7446", "content": "\ud83d\udc7b\ud83d\udc7b\ud83d\udc7bSSRF in Sliver C2 (CVE-2025-27090), allowing an attacker to read and write TCP traffic through affected teamservers. \n\n\ud83d\udd25\ud83d\udd25\ud83d\udd25Demo shows leaking the IP of a Sliver teamserver hidden behind redirectors.\n\nWriteup- https://blog.chebuya.com/posts/server-side-request-forgery-on-sliver-c2/\n\nPOC- https://github.com/chebuya/exploits/tree/main/CVE-2025-27090%3A%20Sliver%20C2%20SSRF", "creation_timestamp": "2025-04-01T14:48:40.000000Z"}, {"uuid": "2b3131dd-6b32-4d5c-8821-d8a9c7b45a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27090", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lirw3gqeok2i", "content": "", "creation_timestamp": "2025-02-22T18:09:41.542656Z"}, {"uuid": "ceb706a8-0417-4777-8715-23351bc7afa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27090", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lim5oe2oss2u", "content": "", "creation_timestamp": "2025-02-20T11:09:34.929358Z"}, {"uuid": "9ea10199-1fa9-4b24-85fe-9e88566843ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27090", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3limcrpgqfs27", "content": "", "creation_timestamp": "2025-02-20T12:40:54.954051Z"}]}