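Related vulnerability
Title:
Security vulnerability in multiple Ivanti products
(CVE-2025-0282)
Description: Ivanti Connect Secure (ICS) and the other products named here are made by the US company Ivanti. Ivanti Connect Secure is a secure remote network connectivity tool. Ivanti Policy Secure (IPS) is a network access control (NAC) solution. Ivanti Neurons is a pioneering platform that simplifies and automates IT systems. Multiple Ivanti products contain a security vulnerability caused by a stack-based buffer overflow. An attacker can exploit this vulnerability to execute code remotely. The following products and versions are affected: Ivanti Connect Secure 22.7R2
Description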
Exploit for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways
Introduction
# PoC for CVE-2025-0282
**Remote Unauthenticated Stack Buffer Overflow in Ivanti Products**
## Overview
This proof-of-concept demonstrates exploitation of CVE-2025-0282, a critical vulnerability affecting:
- Ivanti Connect Secure
- Ivanti Policy Secure
- Ivanti Neurons for ZTA gateways
Based on [watchTowr's research](https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282), this PoC uses a ROP chain targeting **Ivanti Connect Secure 22.7r2.4** specifically. Other versions require custom ROP chain development.
The payload creates a new privileged admin account with:
- Username: `admin`
- Password: `password`
- Root-level privileges (UID 0)
## Prerequisites
- Python 3.x
- Required packages: `requests`, `pyopenssl`
- Vulnerable Ivanti system (version 22.7r2.4)
## Usage
1. Run the exploit:
```bash
python3 CVE-2025-0282.py -t <TARGET_IP> -p 443
```
File snapshot
[4.0K] /data/pocs/aae1be17bcfbb2e2e4280647146c45c96f73eea0
├── [5.8K] CVE-2025-0282.py
└── [ 910] README.md
0 directories, 2 files