## https://sploitus.com/exploit?id=C2E224C0-CF56-540C-BF08-2CB968F72D91
# CVE-2025-32462: sudo -h Privilege Escalation PoC



> Local privilege escalation exploit for `sudo` via the `-h/--host` argument
> Affects systems with `sudo` misconfigurations allowing unintended root access.
---
## About
This PoC demonstrates **CVE-2025-32462**, a logic flaw in `sudo` (all versions ≤ 1.9.17),
where misuse of the `-h` option can bypass RunAs restrictions and allow unintended root command execution.
---
## Requirements
- Affected `sudo` version: **≤ 1.9.17**
- `sudoers` configuration includes a misconfiguration such as:
  `(ALL, !root) NOPASSWD: ALL`
## Usage
- `chmod +x CVE-2025-32462.sh && ./CVE-2025-32462.sh`
- To test a specific command (example: whoami):
`./CVE-2025-32462.sh whoami`
If the system is vulnerable and misconfigured, this will drop you into a root shell via `sudo -h`. To exit the root shell, type: `exit`
## Mitigation
Upgrade sudo to 1.9.17p1 or later
`(ALL, !root) NOPASSWD: ALL`
Restrict or disable use of the `-h` / `--host` option
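
A host-side audit for the two conditions this README lists (a sudo version below 1.9.17p1, and a `sudoers` rule whose Runas list contains `!root`), added here as an example and not part of the original PoC repository. The function names and the sample `sudoers` text are constructed for illustration, and version strings are assumed to have the form `X.Y.Z` or `X.Y.ZpN`.

```shell
#!/bin/sh
# Added example: host audit for the two conditions this README lists.
# Assumption: version strings look like X.Y.Z or X.Y.ZpN (e.g. 1.9.17p1).

# Map a sudo version to an integer so versions compare numerically.
version_key() {
    v=$1
    patch=0
    case $v in
        *p*) patch=${v##*p}; v=${v%%p*} ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $v
    IFS=$old_ifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 10000 + ${3:-0} * 100 + $patch ))
}

# Succeeds when the version is at or above 1.9.17p1, the fix named above.
sudo_is_fixed() {
    [ "$(version_key "$1")" -ge "$(version_key 1.9.17p1)" ]
}

# Read sudoers text on stdin; print "line: text" for active (non-comment)
# rules whose Runas list contains "!root", the entry the README lists.
find_not_root_runas() {
    awk '!/^[ \t]*#/ && /\([^)]*![ \t]*root[ \t,)]/ { print NR ": " $0 }'
}

# Constructed sudoers sample (not taken from a real host).
sample_sudoers() {
    cat <<'EOF'
# constructed sample
Defaults env_reset
root ALL=(ALL:ALL) ALL
# alice ALL=(ALL, !root) NOPASSWD: ALL
bob ALL=(ALL, !root) NOPASSWD: ALL
EOF
}

# Demo on constructed input. On a real host, feed the version from
#   sudo -V | sed -n '1s/^Sudo version //p'
# and run find_not_root_runas over /etc/sudoers and /etc/sudoers.d/* as root.
for v in 1.9.17 1.9.17p1; do
    if sudo_is_fixed "$v"; then echo "$v: fixed"; else echo "$v: upgrade"; fi
done
sample_sudoers | find_not_root_runas
```

Distribution packages can carry the fix under an older upstream version string, so a failed version check is a prompt to read the vendor advisory for that package.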