Skip to content

Module for Ivanti Connect Secure RCE (CVE-2025-22457) #20025

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cdelafuente-r7 opened this issue Apr 11, 2025 · 0 comments
Open

Module for Ivanti Connect Secure RCE (CVE-2025-22457) #20025

cdelafuente-r7 opened this issue Apr 11, 2025 · 0 comments
Assignees
@cdelafuente-r7
Labels
module suggestion-feature New feature suggestions

Comments

@cdelafuente-r7
Copy link
Contributor

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis
@cdelafuente-r7 cdelafuente-r7 added the suggestion-feature New feature suggestions label Apr 11, 2025
@cdelafuente-r7 cdelafuente-r7 self-assigned this Apr 11, 2025
@cdelafuente-r7 cdelafuente-r7 moved this to In Progress in Metasploit Kanban Apr 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cdelafuente-r7 cdelafuente-r7

Labels
module suggestion-feature New feature suggestions
Projects
Metasploit Kanban
Status: In Progress
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cdelafuente-r7