HTTP: Ivanti Multiple Products X-Forwarded-For Stack-based Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Ivanti. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
Affected Products
Ivanti neurons_for_zero-trust_access
References
CVE: CVE-2025-22457
Short Name
HTTP:CTS:IVNTI-X-FRWD-BFR-OVFLW
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2025-22457 Ivanti Multiple Overflow Products Stack-based X-Forwarded-For
Release Date
05/13/2025
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3807
False Positive
Unknown
Vendors
Ivanti