CVE•Published 2025-12-09•1 article on news•7 live references•NVD data
CVE-2025-54100
Vulnerability data via CVEDB (Shodan)
CVSS v3.1
7.8
HIGH
EPSS percentile
71
Exploit Prediction Scoring System · top 29% of all CVEs
Description
Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.
Timeline
Published 2025-12-09
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common). Live host counts are a Premium feature.
Shodan · vuln tag
vuln:CVE-2025-54100Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · OS
os:"Windows 10 1607"Hosts Shodan identified as running Windows 10 1607.
More intel sources (5)
Shodan report
vuln:CVE-2025-54100Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2025-54100Censys host search filtered to this CVE id.
grep.app
CVE-2025-54100Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2025-54100GitHub code search for direct mentions.
Google dork
"CVE-2025-54100" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (8)
CVE-2025-541008 repos
ThemeHackers/CVE-2025-54100Python
CVE-2025-54100 (CVSS 7.8 High) is a command injection vulnerability in the Invoke-WebRequest cmdlet of Windows PowerShell 5.1. It arises from improper neutralization of special ele…
osman1337-security/CVE-2025-54100unknown
SysAdminDoc/LibreSpotC#
LibreSpot - A streamlined Spotify customization tool that automates installation and configuration of SpotX, Spicetify, Marketplace, and the Comfy theme.
Skatterbrainz/HeliumPowerShell
Assorted Utilities to make your day happier than eating a handful of sedatives
StartAutomating/SearchScriptPowerShell
Search PowerShell Scripts
Skatterbrainz/SolarWinds.ServiceDeskPowerShell
PowerShell module for managing SolarWinds Service Desk
R3lva/CVE-2025-54100-BYPASS-Batchfile
CVE-2025-54100 POC "simple" Bypass Patch (working on 2026)
xiaoLvChen/CVE-2025-54100Python
CVE-2025-54100(PowerShell 远程代码执行漏洞)