Exploit for Out-of-bounds Write in Ivanti Connect Secure CVE-2025-0282

Name: Exploit for Out-of-bounds Write in Ivanti Connect Secure CVE-2025-0282
Rating: 5 (15 reviews)

2025-01-22 | CVSS 9.0

## https://sploitus.com/exploit?id=C06E9D78-DBF2-5439-B2D2-697ED54F61B6
# PoC for CVE-2025-0282 
**Remote Unauthenticated Stack Buffer Overflow in Ivanti Products**

## Overview
This proof-of-concept demonstrates exploitation of CVE-2025-0282, a critical vulnerability affecting:
- Ivanti Connect Secure
- Ivanti Policy Secure 
- Ivanti Neurons for ZTA gateways

Based on [watchTowr's research](https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282), this PoC uses a ROP chain targeting **Ivanti Connect Secure 22.7r2.4** specifically. Other versions require custom ROP chain development.

The payload creates a new privileged admin account with:
- Username: `admin`
- Password: `password`
- Root-level privileges (UID 0)

## Prerequisites
- Python 3.x
- Required packages: `requests`, `pyopenssl`
- Vulnerable Ivanti system (version 22.7r2.4)

## Usage
1. Run the exploit:
```bash
python3 CVE-2025-0282.py -t <TARGET_IP> -p 443