4 matches found
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance ASA. The vulnerability, tracked as CVE-2014-2120 CVSS score: 4.3, concerns a case of insufficient input validation in ASA's WebVPN login page that...
CVE-2014-2120
creationtimestamp| type| source ---|---|--- 2024-11-12 18:40:00+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113471442114730989 2024-11-12 19:24:16+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2659503 2024-11-12 21:10:02+00:00| seen|...
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...
CVE-2014-2120
CVE-2014-2120 affects Cisco ASA WebVPN login page, with a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary script/HTML via an unspecified parameter (Bug ID CSCun19025). Multiple sources (Cisco advisory, NVD/NIST CVE entry, CISCO-SA, OpenVAS) consistently d...