Low Severity CVE-2025-30208
Published: Jul 16, 2025

[GitHub] CVE-2025-30208

Type: Other
CVSS Score: N/A
Views: 2
Author: Anonymous

Description

CVE-2025-30208 is a medium-severity arbitrary file read vulnerability in the Vite development server (a popular frontend build tool).

# 🔥 CVE-2025-30208 Vite Arbitrary File Read Vulnerability Scanner

<div align="center">

![Python](https://img.shields.io/badge/Python-3.7+-blue.svg)
![License](https://img.shields.io/badge/License-Educational-green.svg)
![Security](https://img.shields.io/badge/Security-Pentesting-red.svg)
![Status](https://img.shields.io/badge/Status-Active-brightgreen.svg)
![Modular](https://img.shields.io/badge/Architecture-Modular-orange.svg)

**Advanced vulnerability scanner for CVE-2025-30208 with enterprise-grade features**

*Professional penetration testing tool for Vite Arbitrary File Read vulnerability detection*

</div>

---

## 📖 Overview

This is a comprehensive vulnerability scanner designed to detect and exploit the **CVE-2025-30208** vulnerability in Vite development servers. The vulnerability allows arbitrary file read access through Vite's file system endpoints, potentially exposing sensitive configuration files, source code, and system information.
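
For defenders, the same behaviour can be looked for in the access logs of a proxy sitting in front of a dev server: requests to Vite's `/@fs/` endpoint whose target resolves outside the project directory. The following is an added example, not part of this scanner or its repository; the log format, `PROJECT_ROOT` and the sample lines are assumptions constructed for illustration.

```python
import re
from pathlib import PurePosixPath
from urllib.parse import unquote, urlsplit

# Assumption: directory the dev server is meant to serve (POSIX host).
PROJECT_ROOT = PurePosixPath("/srv/app")

# Assumption: combined-log-style lines written by a proxy in front of Vite.
LINE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Constructed sample input, not taken from any real system.
SAMPLE_LOG = [
    '127.0.0.1 - - [16/Jul/2025:10:00:01 +0000] "GET /@fs/srv/app/src/main.ts HTTP/1.1" 200 512',
    '203.0.113.7 - - [16/Jul/2025:10:00:02 +0000] "GET /@fs/etc/hostname HTTP/1.1" 200 12',
    '203.0.113.7 - - [16/Jul/2025:10:00:03 +0000] "GET /@fs/srv/app/%2e%2e/%2e%2e/etc/hostname HTTP/1.1" 403 0',
    '198.51.100.4 - - [16/Jul/2025:10:00:04 +0000] "GET /index.html HTTP/1.1" 200 300',
]

def normalise(path):
    """Resolve '.' and '..' segments without touching the filesystem."""
    parts = []
    for seg in path.split("/"):
        if seg == "..":
            if parts:
                parts.pop()
        elif seg not in ("", "."):
            parts.append(seg)
    return PurePosixPath("/" + "/".join(parts))

def triage(lines, root=PROJECT_ROOT):
    """Return (client_ip, resolved_file, served) for /@fs/ requests leaving root."""
    hits = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a request line this pattern understands
        # Drop the query string, then decode percent-escapes before comparing.
        path = unquote(urlsplit(m["target"]).path)
        if not path.startswith("/@fs/"):
            continue
        target = normalise(path[len("/@fs"):])
        if target != root and root not in target.parents:
            # served=True means the proxy logged a 200, so file content left the host.
            hits.append((m["ip"], str(target), m["status"] == "200"))
    return hits

if __name__ == "__main__":
    for ip, target, served in triage(SAMPLE_LOG):
        print(f"{ip} requested {target} outside {PROJECT_ROOT} (served={served})")
```

Any hit with `served=True` from a non-loopback client means the dev server was reachable from the network and returned a file outside the project, so the exposed file's contents should be treated as disclosed.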

### 🎯 What This Tool Does

- **Detects** vulnerable Vite instances across networks
- **Exploits** the arbitrary file read vulnerability safely
- **Discovers** sensitive files and configuration data
- **Reports** findings in multiple formats (HTML, JSON, Console)
- **Manages** scanning sessions and configurations
- **Handles** errors gracefully with automatic retry mechanisms

### 🏗️ Modular Architecture

The tool now features a **modular architecture** for better maintainability and extensibility:

- **`CVE-2025-30208.py`** - Main scanner application
- **`payloads.py`** - Advanced exploitation payloads (60+ variations)
- **`sensitive_files.py`** - Comprehensive sensitive file database (200+ files)
- **`html_template.py`** - Enhanced hacker-style HTML reporting template

---

## 🚀 Quick Start

### Prerequisites

```bash
pip3 install -r requirements.txt
```

### Basic Usage

```bash
pyth
```
