CVE Chain: CVE-2025–2304 → S3 credential leak → SSH → Facter Ruby injection
Recon
Open ports: 22, 80. facts.htb runs Camaleon CMS 2.9.0. Register a regular user account — it redirects to admin panel but with limited access.
Full writeup — members only
The complete exploit chain, commands, and methodology are available to members on Buy Me a Coffee.
unlock on buy me a coffee€5 one-off · or monthly membership