CVE-2025-20265 PoC — Cisco Secure Firewall Management Center 注入漏洞

Source

https://github.com/amalpvatayam67/day08-CISCO-fmc-sim

Associated Vulnerability

Title:Cisco Secure Firewall Management Center 注入漏洞 (CVE-2025-20265)
Description:Cisco Secure Firewall Management Center是美国思科（Cisco）公司的一个强大的网络安全管理工具。 Cisco Secure Firewall Management Center存在注入漏洞，该漏洞源于RADIUS认证阶段输入处理不当，可能导致执行任意命令。

Description

This is a minimal, educational simulation that demonstrates the _impact_ class of a management-plane parsing RCE (inspired by CVE-2025-20265). It intentionally executes commands from crafted input for local learning only.

Readme

# Day08 — Cisco FMC-style Management RCE (Simulation)

This is a minimal, educational simulation that demonstrates the _impact_ class of a management-plane parsing RCE (inspired by CVE-2025-20265). It intentionally executes commands from crafted input for local learning only.

## Quickstart

```bash
chmod +x entrypoint.sh exploit.sh
docker build -t fmc-sim .
docker run --rm -d -p 8444:8444 --name fmc-sim fmc-sim
```

File Snapshot


 [4.0K]  /data/pocs/ac6f5e8ba32e4c374f9515e9b8e87aac91b82010
├── [ 224]  DISCLAIMER.md
├── [ 435]  Dockerfile
├── [ 231]  entrypoint.sh
├── [ 313]  exploit.sh
├── [ 422]  README.md
└── [2.4K]  server.py

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!