来源

关联漏洞

介绍

# CVE-2025-64446 Exploit Tool

Exploit tool for CVE-2025-64446 vulnerability verification and exploitation in FortiWeb devices.

## Description

This tool tests for and exploits a path traversal vulnerability (CVE-2025-64446) in FortiWeb web application firewalls. It can be used to verify vulnerability status or exploit the CGI endpoint to create/modify user accounts.

## Installation

```bash
pip install -r requirements.txt
```

## Usage

### Vulnerability Verification (Read-only)

```bash
python3 exploit.py -t <target_ip> --check
```

### Execute Exploit

```bash
python3 exploit.py -t <target_ip> --exploit
```

### Custom Parameters

```bash
python3 exploit.py -t <target_ip> --exploit --username sxy --password sxyrxyadmin1!
```

### Multiple Targets from File

```bash
python3 exploit.py -l targets.txt --check
```

Create a `targets.txt` file with one IP address per line:
```
192.168.1.100
192.168.1.101
192.168.1.102
```

## Options

- `-t, --target` - Target IP address (required if `--targets-file` not used)
- `-l, --targets-file` - File containing target IP addresses (one per line, required if `--target` not used)
- `-p, --port` - Target port (default: 443)
- `--http` - Use HTTP instead of HTTPS
- `--check` - Vulnerability verification only (read-only)
- `--exploit` - Execute CGI endpoint exploit
- `--username` - Username for exploit (default: sxy)
- `--password` - Password to set (default: sxyrxyadmin1!)
- `--profname` - Profile name (default: prof_admin)
- `--vdom` - VDOM name (default: root)
- `--loginname` - Login name (default: admin)
- `--testpoint-name` - Testpoint/user name to create (default: Testpoint)

## Disclaimer

This tool is for authorized security research and educational purposes only. Only use on systems you own or have explicit permission to test.

文件快照

 [4.0K]  /data/pocs/3cb3bd34eeaf7f9671758e7feb30e892a48128f7
├── [ 16K]  exploit.py
├── [1.8K]  README.md
└── [  33]  requirements.txt

1 directory, 3 files

备注