Happy Friday! We hope everyone who attended Security Wasteland had a blast! The Initial Access Intelligence team forsook all human contact to deliver a blog about the Jenkins plugin we published content for last week, and added the following items to the feed:
The team added an exploit for this Windows Server privilege escalation vulnerability that tricks the target into using local NTLM authentication with our attacker machine. Our exploit dumps the credential hashes or runs a command as SYSTEM, which is useful for both lateral movement and privilege escalation in Windows Active Directory networks.
The team also provided network signatures and a PCAP of exploitation.
The team delivered the first stage of an unauthenticated RCE bug chain affecting ScriptCase. Using our passive version scanning functionality, we found that ~60% of internet-facing ScriptCase servers remain unpatched. Given the ease of exploitation and number of affected systems online, we expect this vulnerability to appear in VulnCheck KEV shortly. We also noted malicious IP addresses on GreyNoise scanning for the /scriptcase/ endpoint.
The team produced an exploit, version scanner, PCAP, network signatures, and search engine queries.
Letta is a popular open-source framework for building AI agents and has 17.7k stars on its GitHub repository. With a couple hundred targets directly exposed online, we decided to take a look at CVE-2025-51482, a code injection vulnerability in Letta's /v1/tools/run endpoint. Seemingly by design, or just vibecoded, the vulnerability allows a remote attacker to execute arbitrary Python code, skirting sandbox restrictions.
We have provided an exploit, version scanner, packet capture, network signatures, search queries, and a Docker target for this vulnerability. There are no reports of exploitation in the wild, but we suspect this will change soon due to ease of exploitation.
The team added coverage for CVE-2025-34300, an unauthenticated template injection vulnerability affecting Sawtooth Software Lighthouse Studio. This vulnerability was discovered by our friends over at AssetNote (now part of Searchlight Cyber), and has an available Nuclei template. We note that deployments of this software can vary dramatically. Remotely scanning for the software, without spidering, is not reliable.
Network signatures, PCAPs, search queries, and the exploit have been provided.
The team added network signatures for the unauthenticated XWiki LiveData SQL injection. Only signatures are provided, as analysis during triage showed that the Docker, demo HSQL, and production MySQL deployments all contained Hibernate filters that prevented the team from reproducing the vulnerability. Interestingly, there is a disparity between the public proofs of concept and the exact settings needed to expose the issue: the injection endpoint page can be made to trigger errors, but the conditions required for a real injection do not appear to be met in default configurations.
Following up on prior research we conducted, the team published packet captures and network signatures for CrushFTP CVE-2025-54309, which was added to VulnCheck KEV on July 18, 2025 and to CISA KEV on July 22, 2025.