what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2020-3452

Status Candidate

Overview

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.

Related Files

Cisco ASA 9.14.1.10 / FTD 6.6.0.1 Path Traversal
Posted Dec 15, 2020
Authored by Freakyclown

Cisco ASA version 9.14.1.10 and FTD version 6.6.0.1 path traversal exploit. Original discovery of this vulnerability is attributed to 3ndG4me in October of 2020.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2020-3452
MD5 | 7cf23b4f5854a2f296a17705db8fae41
Cisco ASA / FTD 9.6.4.42 Path Traversal
Posted Oct 11, 2020
Authored by 3ndG4me

Cisco ASA and FTD version 9.6.4.42 suffer from a path traversal vulnerability.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2020-3452
MD5 | 48f25de33c55a08e792d3ab4713f7f58
Cisco Adaptive Security Appliance Software 9.11 Local File Inclusion
Posted Jul 29, 2020
Authored by 0xmmnbassel

Adaptive Security Appliance Software version 9.11 local file inclusion exploit.

tags | exploit, local, file inclusion
advisories | CVE-2020-3452
MD5 | 18674d1ac6566a743b27902123a8d30e
Cisco ASA / FTD Remote File Disclosure
Posted Jul 29, 2020
Authored by MrCl0wn Lab | Site github.com

This Python script checks whether the target server is vulnerable to CVE-2020-3452, a vulnerability in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) products that can allow for remote file disclosure.

tags | exploit, remote, python
systems | cisco
advisories | CVE-2020-3452
MD5 | ce6d90fc11286f40ae29b48e9bcc545d
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close