CVE-2025-30672
📋 TL;DR
Mite for Perl before version 0.013000 includes the current working directory ('.') in Perl's @INC module search path, similar to CVE-2016-1238. This allows attackers who can place malicious Perl files in the current working directory to execute arbitrary code when vulnerable applications load modules. This affects the Mite distribution itself and any distributions containing code generated by Mite.
💻 Affected Systems
- Mite for Perl
- Distributions containing code generated by Mite
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Arbitrary code execution with the privileges of the running Perl process, potentially leading to full system compromise.
Likely Case
Local privilege escalation or code execution in environments where attackers can write files to application directories.
If Mitigated
No impact if proper file permissions prevent unauthorized file writes to application directories.
🎯 Exploit Status
Requires local file system access and ability to place malicious Perl files in the current working directory of vulnerable applications.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.013000
Vendor Advisory: https://metacpan.org/release/TOBYINK/Mite-0.013000/changes
Restart Required: No
Instructions:
1. Update Mite to version 0.013000 or later using CPAN: 'cpan install Mite'
2. Regenerate any Mite-based code with the updated version
3. Redeploy applications using the regenerated code
🔧 Temporary Workarounds
Set PERL_USE_UNSAFE_INC environment variable
Disables inclusion of the current working directory in the @INC path
export PERL_USE_UNSAFE_INC=0
Use -I flag to specify safe include paths
Explicitly specify the module search paths when running Perl
perl -I/path/to/safe/lib script.pl
🧯 If You Can't Patch
- Restrict file permissions to prevent unauthorized writes to application directories
- Run applications from directories where only trusted users can write files
🔍 How to Verify
Check if Vulnerable:
Check if Mite version is below 0.013000: 'perl -MMite -e "print $Mite::VERSION\n"'
Check Version:
perl -MMite -e "print $Mite::VERSION\n"
Verify Fix Applied:
Confirm the Mite version is 0.013000 or higher, then run the generated code and confirm that '.' is not in @INC
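As an added example (not code from the Mite project or from this advisory), a small POSIX shell audit that implements the two checks above: it compares the installed Mite version against the fixed release 0.013000, and it loads a module with the local perl and flags @INC entries such as '.', an empty string, or any relative path. The function names and the sample @INC lines are this example's own.

```shell
#!/bin/sh
# Audit helpers for CVE-2025-30672 (constructed example, not Mite project code).

FIXED_MITE_VERSION="0.013000"

# Usage: mite_version_is_vulnerable VERSION   -> exit 0 if VERSION < 0.013000
# Perl decimal versions compare numerically, so awk's float comparison is enough.
mite_version_is_vulnerable() {
    awk -v have="$1" -v fixed="$FIXED_MITE_VERSION" \
        'BEGIN { exit !(have + 0 < fixed + 0) }'
}

# Usage: unsafe_inc_entries < one-@INC-entry-per-line
# Prints every entry that makes a module load relative to the process's cwd:
# ".", an empty string, or any non-absolute path. Exit 0 if any were found.
unsafe_inc_entries() {
    awk '$0 == "." || $0 == "" || substr($0, 1, 1) != "/" { print; found = 1 }
         END { exit !found }'
}

# Usage: audit_live_perl [MODULE]
# Loads MODULE (default: Mite) with the local perl and runs both checks.
# Exit 0 = no finding, 1 = vulnerable indicator found, 2 = could not check.
audit_live_perl() {
    module="${1:-Mite}"
    status=0
    command -v perl >/dev/null 2>&1 || { echo "perl not found"; return 2; }
    if ver=$(perl -MMite -e 'print $Mite::VERSION' 2>/dev/null); then
        if mite_version_is_vulnerable "$ver"; then
            echo "Mite $ver is below $FIXED_MITE_VERSION"; status=1
        fi
    else
        echo "Mite not installed; checking @INC only"
    fi
    # @INC as seen after the module (e.g. Mite-generated code) has been loaded.
    inc=$(perl -M"$module" -e 'print "$_\n" for @INC' 2>/dev/null) \
        || { echo "cannot load $module"; return 2; }
    if bad=$(printf '%s\n' "$inc" | unsafe_inc_entries); then
        echo "unsafe @INC entries after loading $module:"
        echo "$bad"
        status=1
    fi
    return $status
}
```

Run `audit_live_perl Your::Generated::Module` against each distribution that embeds Mite-generated code, since the version check alone only covers the Mite distribution itself.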
📡 Detection & Monitoring
Log Indicators:
- Unexpected module loads from current directory
- Permission denied errors for module loading
Network Indicators:
- None - this is a local file system vulnerability
SIEM Query:
Search for Perl process executions whose @INC path includes the current directory, or for unexpected module loads