Exploit for CVE-2025-32462

## https://sploitus.com/exploit?id=C2E224C0-CF56-540C-BF08-2CB968F72D91
# CVE-2025-32462 – sudo -h Privilege Escalation PoC

![MIT License](https://img.shields.io/badge/license-MIT-green)
![PoC](https://img.shields.io/badge/status-proof--of--concept-blue)
![Visitors](https://visitor-badge.laobi.icu/badge?page_id=cyberpoul.CVE-2025-32462-POC)

> 🚨 Local privilege escalation exploit for `sudo` via the `-h/--host` argument  
> Affects systems with `sudo` misconfigurations allowing unintended root access.

---

## 🧠 About

This PoC demonstrates **CVE-2025-32462**, a logic flaw in `sudo` (all versions ≤ 1.9.17),  
where misuse of the `-h` option can bypass RunAs restrictions and allow unintended root command execution.

---

## 📋 Requirements

- Affected `sudo` version: **≤ 1.9.17**
- `sudoers` config includes misconfig like:

  `(ALL, !root) NOPASSWD: ALL`


## 🚀 Usage

- `chmod +x CVE-2025-32462.sh && ./CVE-2025-32462.sh`

- To test a specific command (example: whoami):
 `./CVE-2025-32462.sh whoami`
If the system is vulnerable and misconfigured, this will drop you into a root shell via `sudo -h`. To exit the root shell, type: `exit`


## 🛡️ Mitigation

  Upgrade sudo to 1.9.17p1 or later

`(ALL, !root) NOPASSWD: ALL`

🚫 Restrict or disable use of the -h / --host option


## 📚 References

- ![NVD Entry]([https://nvd.nist.gov/vuln/detail/CVE-2025-32462)
- ![sudo security page](https://www.sudo.ws/security/advisories)