Description
Safe Python script to detect Cisco FMC instances potentially vulnerable to CVE-2025-20265. Uses official FMC API to check version, supports single/multi-target scanning, and includes a harmless local PoC marker.
Introduction
# cve2025-20265
# Cisco FMC CVE-2025-20265 Vulnerability Checker (Safe)
**What it does:**
- Uses the official FMC REST API to query version information
- Compares against known affected versions
- Optional `--poc` mode prints a **harmless local proof-of-concept marker** when a vulnerable version is detected (nothing is sent to the target)
- Supports **single target** or **multiple targets** from a file
- Colorized output for easy reading
> ⚠️ **No exploit code** — this tool does not attempt to exploit anything or run commands on the target.
---
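The check described above (query the version, compare it against affected releases, iterate over a target list) can be sketched offline as follows. This is an added example, not the repository's code: the response shape (`items[0].serverVersion`), the `#` comment handling, the function names and the placeholder release `0.0.0` are assumptions, and the real affected releases must come from the vendor advisory.

```python
import json
import re
from urllib.parse import urlsplit

# Placeholder: the page does not list affected releases; fill in from the vendor advisory.
AFFECTED_RELEASES = frozenset({"0.0.0"})  # constructed value, not a real release
_RELEASE_RE = re.compile(r"\s*(\d+(?:\.\d+){1,3})")


def load_targets(text):
    """Parse targets.txt content: one https:// base URL per line, duplicates dropped."""
    targets, rejected = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):  # '#' comments are an assumption
            continue
        try:
            parts = urlsplit(line)
            ok = parts.scheme == "https" and bool(parts.hostname)
        except ValueError:  # e.g. malformed bracketed host
            ok = False
        # Credentials are sent to every target, so refuse cleartext or malformed URLs.
        if not ok:
            rejected.append(line)
        elif line.rstrip("/") not in targets:
            targets.append(line.rstrip("/"))
    return targets, rejected


def extract_release(body):
    """Return the dotted release from a version response body, or None."""
    try:
        raw = json.loads(body)["items"][0]["serverVersion"]  # assumed field names
    except (ValueError, KeyError, IndexError, TypeError):
        return None
    match = _RELEASE_RE.match(raw) if isinstance(raw, str) else None
    return match.group(1) if match else None


def classify(body, affected=AFFECTED_RELEASES):
    """UNKNOWN is its own verdict: an unreadable answer is never reported as safe."""
    release = extract_release(body)
    if release is None:
        return "UNKNOWN"
    return "POTENTIALLY_VULNERABLE" if release in affected else "NOT_LISTED"


# Constructed sample inputs (not captured from a real device).
SAMPLE_TARGETS = "https://fmc1.example.com\nhttp://fmc2.example.com\n\nhttps://fmc1.example.com/\n"
SAMPLE_BODY = '{"items": [{"serverVersion": "0.0.0 (build 1)"}]}'
```

A version match only marks a host as potentially vulnerable, which is the wording the README itself uses; treat `UNKNOWN` results as hosts that still need a manual check.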
## Features
- ✅ Single or multi-target scanning
- ✅ Safe — read-only API calls
- ✅ Color-coded results
- ✅ Harmless local PoC marker option
- ✅ TLS verification control for self-signed certs
---
## Requirements
- Python 3.8+
- `requests` (`pip install requests`)
- Optional: `colorama` (`pip install colorama`) for better Windows color support
---
## Usage
### Multiple targets from file
`targets.txt`:
```
https://fmc1.example.com
https://fmc2.example.com
```
Run:
```bash
python fmc_cve2025_20265_checker.py \
--file targets.txt \
--user admin \
--password 'YOURPASS'
```
### Single target
```bash
python fmc_cve2025_20265_checker.py \
--single https://fmc.example.com \
--user admin \
--password 'YOURPASS'
```
### Optional flags
- `--insecure`: Skip TLS verification (self-signed certs)
- `--no-color`: Disable color output
- `--poc`: Show harmless local PoC marker if target is vulnerable
File snapshot
```
[4.0K] /data/pocs/b725667e931ac93d2b334b98f0b255e461518429
├── [6.4K] fmc_cve2025_20265_checker.py
├── [1.0K] LICENSE
└── [1.7K] README.md
0 directories, 3 files
```