MINI-w6m4-pr78-g878 — Vulnetix

MINI-w6m4-pr78-g878 PUBLISHED

Affected Products

Vendor	Product	Versions
MinimOS	kafka-3.7-fips-libs	0, 0
MinimOS	kafka-3.7-fips	0, 0

Exploit Intelligence

CVE-2025-27817 (github-poc)
Apache Kafka客户端未对用户输入进行严格验证和限制，未经身份验证的攻击者可通过构造恶意配置读取环境变量或磁盘任意内容，或向非预期位置发送请求，提升REST API的文件系统/环境/URL访问权限。 (github-poc)
CVE-2025-27817 (github-poc)
01.基于vless的科学上网.html (github-poc)
KafkaRecordSupplier.java (github-poc)
druid-612f0710.json (github-poc)
async-iot.ts (github-poc)
Nuclei Template: CVE-2025-27817 (nuclei-template)

Timeline

Apr 20, 2026 CVE Published

Open in Interactive Console →

$ Console Community · 100/wk Open console ›