CVE-2024-26006

An improper neutralization of input during web page Generation vulnerability CWE-79 in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote...

PT-2020-4723 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Clientless SSL VPN WebVPN of Cisco Adaptive Securit...

CVE-2020-3452

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability i...

Logic Flaw Vulnerability in Resource Access Control System (WebVPN) of Beijing Netrad Technology Co.(CNVD-2020-48923)

Ltd. resource access control system WebVPN provides users with a client-free tool for easy access to resources. A logic flaw vulnerability exists in the Resource Access Control System WebVPN of Beijing Netreda Technology Co. An attacker can exploit this vulnerability to obtain sensitive informati...

Spray - A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)

A Password Spraying tool for Active Directory Credentials by Jacob WilkinGreenwolf Getting Started These instructions will show you the requirements for and how to use Spray. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curlowa & ly...

CVE-2020-3187

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

CVE-2019-12698

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

CVE-2018-15388

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing...

PT-2019-2047 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the WebVPN service could allow an authenticated, remote...

CVE-2018-0101

A vulnerability in the Secure Sockets Layer SSL VPN functionality of the Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a...

PT-2018-1004 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions prior to the fixed version Description: A vulnerability in the Secure Sockets Layer SSL VPN functionality could allow an unauthenticated, remote attacker to cause a reload of the affecte...

Cisco Host Scan HostScan Engine Cross-Site Scripting Vulnerability

Cisco Adaptive Security Appliances Web VPN is a set of modules for configuring Web VPN on ASA firewalls. A cross-site scripting vulnerability in the HostScan Engine in the Cisco Host Scan package used by Cisco Adaptive Security Appliances Web VPN allows remote attackers to exploit the vulnerabili...

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

CVE-2016-6436

Affected: Cisco Host Scan Engine (Host Scan package) in ASA Web VPN. Versions 3.0.08062 through 3.1.14018 are vulnerable to cross-site scripting (XSS) via a crafted URL in the HostScan Engine. Root cause: insufficient input validation allowing injection of arbitrary script/HTML when processing us...

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

Cisco Host Scan Package Cross-Site Scripting Vulnerability

A vulnerability in the Cisco Host Scan package could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of a Cisco Adaptive Security Appliance ASA Web VPN deployment. The vulnerability is due to insufficient input validation of a user-supplied...

CVE-2013-5557

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance ASA Software 9.1.2 and earlier allows remote authenticated users to cause a denial of service device crash or error-recovery event via an HTTP request that triggers a rewrite, aka Bug ID...

Cisco Adaptive Security Appliance 8.x Web VPN FTP or CIFS Authentication Form Phishing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35475/info Cisco Adaptive Security Appliance ASA is prone to a vulnerability that can aid in phishing attacks. An attacker can exploit this issue to display a fake login window that's visually similar to the device's logi...

PT-2013-4371 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices affected versions not specified Description: A cross-site scripting XSS issue in the WebVPN portal login page allows remote attackers to inject arbitrary web script or HTML via a crafted URL...