Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2022/11/07 12:0 a.m.85 views

Cisco Firepower ASA Command Injection (CVE-2022-20828)

A command injection vulnerability exists in Cisco Firepower ASA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.1AI score0.4831EPSS
Exploits4
0day.today
0day.today
added 2022/09/05 12:0 a.m.355 views

Cisco ASA-X With FirePOWER Services Authenticated Command Injection Exploit

This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual...

7.2CVSS0.3AI score0.4831EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/09/05 12:0 a.m.411 views

Cisco ASA-X With FirePOWER Services Authenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA-X with FirePOWER Services Authenticated Command Injection', 'Description' = %q This module exploits an authenticated command injection...

9CVSS0.9AI score0.4831EPSS
Exploits4
Metasploit
Metasploit
added 2022/09/02 7:49 p.m.550 views

Cisco ASA-X with FirePOWER Services Authenticated Command Injection

This module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine...

9CVSS7.4AI score0.4831EPSS
Exploits4
Circl
Circl
added 2022/06/24 8:31 p.m.34 views

CVE-2022-20828

creationtimestamp| type| source ---|---|--- 2022-06-24 20:31:16+00:00| seen| https://t.me/cibsecurity/45112 2022-09-02 17:35:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscoasaxsfrrce.rb 2022-09-04 05:06:05+00:00| seen|...

9CVSS7.7AI score0.4831EPSS
Exploits4References3
CVE
CVE
added 2022/06/24 3:25 p.m.131 views

CVE-2022-20828

CVE-2022-20828 affects Cisco FirePOWER Software for ASA FirePOWER Module. Root cause: CLI parser mishandles undefined parameters, enabling authenticated remote command injection to execute arbitrary commands as root on the FirePOWER OS. Exploitation paths include crafted CLI commands or crafted H...

9CVSS7.3AI score0.4831EPSS
Exploits4References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/06/24 3:25 p.m.28 views

CVE-2022-20828 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability

A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerabilit...

6.5CVSS7.8AI score0.4831EPSS
Exploits4References3
Rows per page
Query Builder