漏洞平台

POC详情： c4daf990050132b77ef216b16932e3806beb7308

来源

https://github.com/grupooruss/CVE-2025-20281-Cisco

关联漏洞

标题： Cisco ISE和Cisco ISE-PIC 注入漏洞 (CVE-2025-20281)
描述：Cisco ISE和Cisco ISE-PIC都是美国思科（Cisco）公司的产品。Cisco ISE是一个 NAC 解决方案。用于管理零信任架构中的端点、用户和设备对网络资源的访问。Cisco ISE-PIC是一个组件。 Cisco ISE和Cisco ISE-PIC存在注入漏洞，该漏洞源于输入验证不足，可能导致执行任意代码。

描述

This script checks for the presence of the **CVE-2025-20281** vulnerability in Cisco Identity Services Engine (ISE) and ISE-PIC, which allows **unauthenticated remote code execution (RCE)** as root due to insufficient input validation in a specific API.

介绍

# CVE-2025-20281 - Cisco ISE RCE Vulnerability Checker

This script checks for the presence of the **CVE-2025-20281** vulnerability in Cisco Identity Services Engine (ISE) and ISE-PIC, which allows **unauthenticated remote code execution (RCE)** as root due to insufficient input validation in a specific API.

**This tool is intended for authorized security testing and educational purposes only. Do not use it against systems you do not own or have permission to test.**

## About the Vulnerability

**CVE-2025-20281** allows an **unauthenticated, remote attacker** to execute arbitrary commands as root on the underlying OS by submitting a specially crafted API request. The flaw is due to **improper validation of user-supplied input**.

- **Attack Vector:** Remote
- **Privileges Required:** None
- **Impact:** Remote Code Execution (root)
- **Affected Products:** Cisco ISE, Cisco ISE-PIC (specific versions)

## Features

- Sends a crafted payload to simulate code execution attempts
- Detects possible signs of vulnerability
- Simple command-line usage
- No authentication required

## Requirements

- Python 3.x
- `requests` library  
  Install via:
  ```bash
  pip install requests
  ```

## Usage

```bash
python check_cve_2025_20281.py https://<TARGET-IP-OR-DOMAIN>
```

### Example:

```bash
python check_cve_2025_20281.py https://192.168.1.100
```

## Interpreting Results

- `[!!!] POSIBLE VULNERABILIDAD DETECTADA` — Exploit attempt likely succeeded or triggered a revealing response.
- `[*] Server responded with error` — Possible indicator of payload processing.
- `[-] No abnormal behavior detected` — Target may not be vulnerable or is patched.

## File Structure

```
.
├── check_cve_2025_20281.py
├── README.md
├── requirements.txt
└── .gitignore
```

## Disclaimer

This script is provided **as-is** for **research and professional pentesting**. The authors are not responsible for any misuse or damages caused by this tool.

## 🔗 References

- [Cisco Security Advisory for CVE-2025-20281](https://tools.cisco.com/security/center/)
- [MITRE CVE Record](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20281)

## 👨‍💻 Author

**Grupo Oruss** – — Joy Bassett (@Division81),  
[https://www.grupooruss.com](https://www.grupooruss.com)

文件快照


 [4.0K]  /data/pocs/c4daf990050132b77ef216b16932e3806beb7308
├── [1.5K]  check_cve_2025_20281.py
├── [2.3K]  README.md
└── [  17]  requirements.txt

0 directories, 3 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。