CVE-2024-26006

An improper neutralization of input during web page Generation vulnerability CWE-79 in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote...

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) allows a perpetrator to cause service interruptions.

The vulnerability of AnyConnect and WebVPN web services, which are part of Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD, stems from insufficient validation of input data during syntax analysis of HTTPS requests. Exploiting this vulnerability can allow a malicious...

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows a perpetrator to carry out a cross-site scripting attack.

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA software lies in the insufficient protection of the web page structure. Exploiting this vulnerability can allow a malicious actor to execute a cross-site attac...

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows a perpetrator to carry out a cross-site scripting attack.

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA software lies in the insufficient protection of the web page structure. Exploiting this vulnerability can allow a malicious actor to execute a cross-site attac...

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows a perpetrator to carry out a cross-site scripting attack.

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA software lies in insufficient protection of the web page structure. Exploiting this vulnerability can allow a malicious actor to execute a cross-site scripting...

PT-2020-4723 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Clientless SSL VPN WebVPN of Cisco Adaptive Securit...

CVE-2020-3452

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability i...

Logic Flaw Vulnerability in Resource Access Control System (WebVPN) of Beijing Netrad Technology Co.(CNVD-2020-48923)

Ltd. resource access control system WebVPN provides users with a client-free tool for easy access to resources. A logic flaw vulnerability exists in the Resource Access Control System WebVPN of Beijing Netreda Technology Co. An attacker can exploit this vulnerability to obtain sensitive informati...

Spray - A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)

A Password Spraying tool for Active Directory Credentials by Jacob WilkinGreenwolf Getting Started These instructions will show you the requirements for and how to use Spray. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curlowa & ly...

CVE-2020-3187

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

CVE-2019-12698

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

The multiple vulnerabilities of the WebVPN microprogramming-based network interface device from Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense allow attackers to execute cross-site scripting attacks.

The multiple vulnerabilities of the WebVPN microprogramming device-based Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense exist due to the lack of measures taken to protect the website structure. Exploitation of these vulnerabilities could allow a malicious actor to perform...

CVE-2018-15388

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing...

PT-2019-2047 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the WebVPN service could allow an authenticated, remote...

CVE-2018-0101

A vulnerability in the Secure Sockets Layer SSL VPN functionality of the Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a...

PT-2018-1004 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions prior to the fixed version Description: A vulnerability in the Secure Sockets Layer SSL VPN functionality could allow an unauthenticated, remote attacker to cause a reload of the affecte...

Cisco Host Scan HostScan Engine Cross-Site Scripting Vulnerability

Cisco Adaptive Security Appliances Web VPN is a set of modules for configuring Web VPN on ASA firewalls. A cross-site scripting vulnerability in the HostScan Engine in the Cisco Host Scan package used by Cisco Adaptive Security Appliances Web VPN allows remote attackers to exploit the vulnerabili...

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

CVE-2016-6436

Affected: Cisco Host Scan Engine (Host Scan package) in ASA Web VPN. Versions 3.0.08062 through 3.1.14018 are vulnerable to cross-site scripting (XSS) via a crafted URL in the HostScan Engine. Root cause: insufficient input validation allowing injection of arbitrary script/HTML when processing us...