Exploit for CVE-2025-32896

  1. Home
  2. Uncategorized
  3. Exploit for CVE-2025-32896

Exploit for CVE-2025-32896

# Summary

Unauthorized users can perform Arbitrary File Read and Deserialization
attack by submit job using restful api-v1.

# Details
Unauthorized users can access `/hazelcast/rest/maps/submit-job` to submit
job.
An attacker can set extra params in mysql url to perform Arbitrary File
Read and Deserialization attack.

This issue affects Apache SeaTunnel: <=2.3.10

# Fixed

Users are recommended to upgrade to version 2.3.11, and enable restful api-v2 & open https two-way authentication , which fixes the issue.

Published: 2025-06-19

CVSS: 6.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Download Exploit for CVE-2025-32896 here:

Use Tor Browser to access .onion links.

Check our team here:

https://wednesfieldacademy.com/exploit-977-cve-2011-3389/

https://wednesfieldacademy.com/exploit-983-cve-2025-60704/

https://wednesfieldacademy.com/exploit-815-cve-2025-4632/

Latest News

Follow us on Social Media

Popular Pages

Contact Info

Wednesfield Academy
Lichfield Road
Wednesfield, Wolverhampton
West Midlands
WV11 3ES

T: 01902 558 222

postbox@wednesfieldacademy.co.uk

Monday - Thursday: 8:00 am - 4:00 pm
Friday: 8:00 am - 3:30 pm

Copyright 2026 © All Rights Reserved

 Privacy Notice

CEOP-1

Loading