7 matches found
Cisco Firepower ASA Command Injection (CVE-2022-20828)
A command injection vulnerability exists in Cisco Firepower ASA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Cisco ASA-X With FirePOWER Services Authenticated Command Injection Exploit
This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual...
Cisco ASA-X With FirePOWER Services Authenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA-X with FirePOWER Services Authenticated Command Injection', 'Description' = %q This module exploits an authenticated command injection...
Cisco ASA-X with FirePOWER Services Authenticated Command Injection
This module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine...
CVE-2022-20828
creationtimestamp| type| source ---|---|--- 2022-06-24 20:31:16+00:00| seen| https://t.me/cibsecurity/45112 2022-09-02 17:35:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscoasaxsfrrce.rb 2022-09-04 05:06:05+00:00| seen|...
CVE-2022-20828
CVE-2022-20828 affects Cisco FirePOWER Software for ASA FirePOWER Module. Root cause: CLI parser mishandles undefined parameters, enabling authenticated remote command injection to execute arbitrary commands as root on the FirePOWER OS. Exploitation paths include crafted CLI commands or crafted H...
CVE-2022-20828 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerabilit...