Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure CVE-2025-0282

Name: Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure CVE-2025-0282
Rating: 5 (130 reviews)

2025-06-07 | CVSS 9.0

## https://sploitus.com/exploit?id=E3CC95D4-9782-5D2C-8B37-2AF88E951B9A
# Blackash-CVE-2025-0282

# Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

# Metrics

CNA:  `ivanti` Base Score: 9.0 CRITICAL ⚫ Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

# Uploading a Web Shell

To use the tool for uploading a web shell to the target system:

```
python3 CVE_2025_0282.py <target_ip> <local_shell_path>
```
+ <target_ip>: The IP address of the target server.
+ <local_shell_path>: Path to the web shell file on your local machine.