Exploit for CVE-2025-5309

## https://sploitus.com/exploit?id=245844D8-68C7-5306-95CC-668330FB0480
# CVE-2025-5309 Scanner

🚨 **CVE-2025-5309**: Server-Side Template Injection in Remote Support and Privileged Remote Access Chat Feature

## 📰 CVE Overview
A vulnerability in BeyondTrust Remote Support and Privileged Remote Access allows Server-Side Template Injection (SSTI), potentially leading to remote code execution via the chat feature.

- **CVE**: CVE-2025-5309
- **Risk**: High (Remote Code Execution)
- **Credit**: Jorren Geurts – [resillion.com](https://resillion.com/latest-news/be)
- **Searchable Services**: Over 1.2M services found on [hunter.how](https://hunter.how/list?searchVal=BeyondTrust)
- **Query**:
  ```
  product.name="BeyondTrust Remote Support"||product.name="BeyondTrust Privileged Remote Access"
  ```

## 🛡️ How to Fix
- Update to the latest secure version from [BeyondTrust](https://beyondtrust.com/trust-center/security-advisories)
- Disable or restrict public access to the chat system
- Monitor and restrict template processing in chat input

## 🔍 Usage

Install dependencies:

```bash
pip install -r requirements.txt
```

Run the scanner:

```bash
python3 scanner.py --query "BeyondTrust"
```

## 💡 Example Output

```
🚨 CVE-2025-5309 Scanner by Issam junior 🚨
[+] Searching for: BeyondTrust ...
[!] Possible vulnerable service found: 192.168.0.55:443
```

## 📌 Disclaimer
This tool is for **educational and security research purposes only**.