U.S. Dept Of Defense: https://████ is vulnerable to cve-2020-3452

Description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The...

Command Execution Vulnerability in Resource Access Control System (WebVPN) of Beijing Netrexel Technology Co.

Resource Access Control System WebVPN is a tool that provides users with easy client-free access to resources. Ltd. Resource Access Control System WebVPN suffers from a command execution vulnerability that can be exploited by an attacker to gain control of a web server...

U.S. Dept Of Defense: Read-only path traversal (CVE-2020-3452) at https://████████

Summary: I discovered a vulnerability Read-only path traversal CVE-2020-3452 at https://████████ Description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote...

U.S. Dept Of Defense: ███ is vulnerable to CVE-2020-3452 Read-Only Path Traversal Vulnerability

Summary: ████████ is vulnerable to Read-Only Path Traversal Vulnerability as described at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 Description: Get request parameters at the /+CSCOT+/translation-table and the /+CSCOT+/oem-customization...

Exploit for Improper Input Validation in Cisco Adaptive_Security_Appliance_Software

CVE-2020-3452 Cisco Adaptive Security Appliance ASA & Cisco...

Mail.ru: [webvpn.city-srv.ru] Path traversal via CVE-2020-3452

CVE-2020-3452 on webvpn.city-srv.ru...

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

Cisco is warning that a high-severity flaw in its network security software is being actively exploited – allowing remote, unauthenticated attackers to access sensitive data. Patches for the vulnerability CVE-2020-3452 in question, which ranks 7.5 out of 10 on the CVSS scale, were released last...

Exploit for Improper Input Validation in Cisco Adaptive_Security_Appliance_Software

CVE-2020-3452 Little, stupid python validator? for CVE-2020...

Exploit for Improper Input Validation in Cisco Adaptive_Security_Appliance_Software

CVE-2020-3452 - Cisco ASA Scanner Scanning for CVE-2020-3452...

Cisco Network Security Flaw Leaks Sensitive Data

A high-severity vulnerability in Cisco’s network security software could lay bare sensitive data – such as WebVPN configurations and web cookies – to remote, unauthenticated attackers. The flaw exists in the web services interface of Cisco’s Firepower Threat Defense FTD software, which is part of...

U.S. Dept Of Defense: Path traversal on https://███ allows arbitrary file read (CVE-2020-3452)

Summary: According to Cisco: A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targete...

Directory traversal

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability i...

CVE-2020-3452 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability i...

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability i...

Cisco Firepower Threat Defense WebVPN DoS (cisco-sa-20190501-sd-cpu-dos)

According to its self-reported version, the Cisco Firepower Threat Defense FTD software installed on the remote host is affected by a vulnerability in the WebVPN login process that allows an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerabili...

Cisco Adaptive Security Appliance (ASA) WebVPN DoS (cisco-sa-20190501-sd-cpu-dos)

According to its self-reported version, the Cisco Adaptive Security Appliance ASA software installed on the remote host is affected by a vulnerability in the WebVPN login process that allows an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The...

Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA

Cisco has stomped out 12 high-severity vulnerabilities across several network security products. The flaws can be exploited by unauthenticated remote attackers to launch an array of attacks – from denial of service DoS to sniffing out sensitive data. Specifically affected is Cisco’s Firepower...

CVE-2020-3259

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

CVE-2020-3187

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

Design/Logic Flaw

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...