Safe Python script to detect Cisco FMC instances potentially vulnerable to CVE-2025-20265. Uses official FMC API to check version, supports single/multi-target scanning, and includes a harmless local PoC marker.# cve2025-20265
Safe Python script to detect Cisco FMC instances potentially vulnerable to CVE-2025-20265. Uses official FMC API to check version, supports single/multi-target scanning, and includes a harmless local PoC marker.
# Cisco FMC CVE-2025-20265 Vulnerability Checker (Safe)
**What it does:**
- Uses the official FMC REST API to query version information
- Compares against known affected versions
- Optional `--poc` mode prints a **harmless local proof-of-concept marker** when a vulnerable version is detected (nothing is sent to the target)
- Supports **single target** or **multiple targets** from a file
- Colorized output for easy reading
> ⚠️ **No exploit code** — this tool does not attempt to exploit anything or run commands on the target.
---
## Features
- ✅ Single or multi-target scanning
- ✅ Safe — read-only API calls
- ✅ Color-coded results
- ✅ Harmless local PoC marker option
- ✅ TLS verification control for self-signed certs
---
## Requirements
- Python 3.8+
- `requests` (`pip install requests`)
- Optional: `colorama` (`pip install colorama`) for better Windows color support
---
## Usage
## Multiple targets from file
targets.txt:
https://fmc1.example.com
https://fmc2.example.com
---
Run:
python fmc_cve2025_20265_checker.py \
--file targets.txt \
--user admin \
--password 'YOURPASS'
### Single target
```bash
python fmc_cve2025_20265_checker.py \
--single https://fmc.example.com \
--user admin \
--password 'YOURPASS'
Optional flags
• --insecure → Skip TLS verification (self-signed certs)
• --no-color → Disable color output
• --poc → Show harmless local PoC marker if target is vulnerable
[4.0K] /data/pocs/b725667e931ac93d2b334b98f0b255e461518429
├── [6.4K] fmc_cve2025_20265_checker.py
├── [1.0K] LICENSE
└── [1.7K] README.md
0 directories, 3 files