关联漏洞
介绍
# CVE-2025-4427 and CVE-2025-4428 Ivanti EPMM Chain
Ivanti EPMM Pre-Auth RCE Chain 1day Detection Artifact Generator Tool
# Detection in Action
```
$ python3 watchTowr-vs-Ivanti-EPMM-CVE-2025-4427-CVE-2025-4428.py -H https://192.168.1.100
__ ___ ___________
__ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________
\ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \
\ / / __ \| | \ \___| Y | |( <_> \ / | | \/
\/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__|
\/ \/ \/
watchTowr-vs-Ivanti-EPMM-rce-chain.py
(*) CVE-2025-4427 and CVE-2025-4428 Pre-Auth RCE Chain Detection Artifact Generator
- Sonny and Piotr of watchTowr
[+] Starting Detection Artifact Generator for CVE-2025-4427 + CVE-2025-4428 Chain
[+] Executing `id` command
[+] VULNERABLE
```
# Description
This script attempts to detect if Ivanti EPMM is vulnerable to CVE-2025-4427 and CVE-2025-4428 Pre-Auth RCE chainchain.
# Affected Versions
11.12.0.4 and prior
12.3.0.1 and prior
12.4.0.1 and prior
12.5.0.0 and prior
# Follow [watchTowr](https://watchTowr.com) Labs
For the latest security research follow the [watchTowr](https://watchTowr.com) Labs Team
- https://labs.watchtowr.com/
- https://x.com/watchtowrcyber
文件快照
[4.0K] /data/pocs/207320fe46e419b735ae7108c273eebedfc920f1
├── [1.4K] README.md
└── [2.0K] watchTowr-vs-Ivanti-EPMM-CVE-2025-4427-CVE-2025-4428.py
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。