CVE-2025-32756

This repository contains a proof-of-concept exploit for CVE-2025-32756, a critical stack-based buffer overflow vulnerability in Fortinet products. The exploit demonstrates the vulnerability by triggering the buffer overflow condition in the AuthHash cookie processing of the `/remote/hostcheck_validate` endpoint.

The repository contains detailed technical writeups for multiple CVEs, including command injection, XXE, SQLi, and RCE vulnerabilities. Each writeup provides vulnerability overviews, proof-of-concept details, and mitigation recommendations.

The repository contains a partial Python-based PoC framework for CVE-2025-32756, targeting Fortinet software. The code includes extensive setup for logging, dependency checks, and utility functions but lacks the core exploit logic or payload delivery mechanism.

The repository contains a partial Python script for CVE-2025-32756, focusing on utility functions and setup without actual exploit logic. It includes dependencies like pwntools and requests but lacks payload delivery or vulnerability-specific code.

The repository contains only a README.md file with minimal information about CVE-2025-32756, listing affected Fortinet products without technical details or exploit code.

This PoC demonstrates a stack-based buffer overflow in Fortinet products (CVE-2025-32756) via malformed AuthHash cookie processing in the `/remote/hostcheck_validate` endpoint. It crafts payloads to trigger the overflow but does not include a full RCE payload.