{"uuid": "0a786d5c-82ff-461b-9975-68fc1e77e6f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71260", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/301", "content": "CVE-2025-71257 and CVE-2025-71260 BMC FootPrints Pre-Authenticated Remote Code Execution Chain\n\n   \u2022 Bypass authentication with CVE-2025-71257.\n   \u2022 If it is successful, it tries to verify the CVE-2025-71260 RCE by writing a ranomized .jsp file to the tomcat servers webroot. This .jsp file just enumerates system information.\n\nBlog: https://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\n\nBMC FootPrints is an IT Service Management (ITSM) solution designed to help IT teams manage service requests, incidents, assets, and changes through configurable workflows and an intuitive web interface.", "creation_timestamp": "2026-03-19T05:48:17.000000Z"}