[ENHANCEMENT] Wrong poc for CVE-2025-54253

[daffainfo]

Is there an existing issue for this?

• I have searched the existing issues and discussions.

Enhancement Description

After analyzing, this /http/cves/2025/CVE-2025-54253.yaml is the poc for CVE-2025-49533, while CVE-2025-54253 itself is covered in the section STRUTS2 DEVMODE IN 2025?! (SL-AEM-FORMS-2)

Use Case / Problem

-

Proposed Solution

Rename CVE-2025-54253.yaml to CVE-2025-49533.yaml

Alternatives Considered

No response

Additional Context

No response

[John6150]

@daffainfo

Current Template Problem:
The existing CVE-2025-54253.yaml file:

Uses ID CVE-2025-54253
But the payload targets /FormServer/servlet/GetDocumentServlet?serDoc=... (the deserialization endpoint)
This is actually the CVE-2025-49533 vulnerability (insecure deserialization)
CVE-2025-54253 should instead be testing the Struts2 DevMode vulnerability at:

/adminui/updateLicense1.do;login.?debug=command&expression=7*7

To answer your question: I searched the workspace and found no existing GitHub issue tracking this mismatch. This is a local nuclei-templates repository without issue tracking - issues would need to be filed on the upstream GitHub repository at https://github.com/projectdiscovery/nuclei-templates.

[DhiyaneshGeek]

this issue is fixed with the following PR #14963

Due to the following reason we are closing this issue

Thanks