CVE-2025-4660 PoC — ForeScout SecureConnector 安全漏洞

Source

https://github.com/NetSPI/CVE-2025-4660

Associated Vulnerability

Title:ForeScout SecureConnector 安全漏洞 (CVE-2025-4660)
Description:ForeScout SecureConnector是美国ForeScout公司的一种网络安全软件，可对尝试加入网络的机器进行身份验证。 ForeScout SecureConnector Windows agent存在安全漏洞，该漏洞源于命名管道访问控制不当，可能导致远程代码执行。

Description

PoC for CVE-2025-4660 demonstrating exploitation of the Forescout SecureConnector on Windows

Readme

# Description
A PoC for CVE-2025-4660, Forescout SecureConnector RCE

## forescout_redirect.py
This is the exploit itself where you can redirect an agent to a specific IP address under the attackers control

## forescout_c2.py
A simple C2 implementation that speaks the ForeScout SecureConnector language

File Snapshot


 [4.0K]  /data/pocs/2deeeda9cd6db2e8e6c95f585573888e5ffc13d6
├── [ 11K]  forescout_c2.py
├── [2.1K]  forescout_redirect.py
├── [1.5K]  LICENSE
└── [ 306]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!