Vulnerability identifier: #VU31817

Vulnerability risk: Medium

CVSSv3.1: 7.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-3452

CWE-ID: CWE-22

Exploitation vector: Network

Exploits in database: 32

• February 27, 2024
  • CVE-2020-3452 (Exploitation Scanner CVE-2020-3452 to enumerate the standard files accessible in the Path Traversal of CISCO ASA/FTD .?) [Github]
• May 8, 2022
  • cve-2020-3452 (Just proof of concept for Cisco CVE-2020-3452. Using external or internal file base.) [Github]
• January 10, 2022
  • CVE-2020-3452_auto () [Github]
• November 3, 2021
  • CVE-2020-3452 (Test vulnerability of CVE-2020-3452) [Github]
• June 29, 2021
  • CVE-Vulnerability-POC (A collection of custom exploit scripts to determine the existence of CVE vulnerabilities. ) [Github]
• June 17, 2021
  • Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion [Exploit-DB]
  • Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion [Exploit-DB]
  • Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2) [Exploit-DB]
• June 10, 2021
  • CVE-2020-3452 () [Github]
• February 9, 2021
  • Cisco-CVE-2020-3452-shodan-scanner (simple bash script of CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability checker ) [Github]
• February 4, 2021
  • Cisco-CVE-2020-3452-checker (simple bash script of Cisco CVE-2020-3452 checker ) [Github]
  • Cisco-ASA-FTD-Web-Services-Traversal (CVE-2020-3452 - Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) traversal) [Github]
• January 5, 2021
  • CISCO-CVE-2020-3452-Scanner-Exploiter (CISCO CVE-2020-3452 Scanner & Exploiter) [Github]
• December 16, 2020
  • CVE-2020-3452 () [Github]
• November 21, 2020
  • CVE-2020-3452 (CVE-2020-3452) [Github]
• October 14, 2020
  • CVE-2020-3452-Exploit (Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.) [Github]
  • CVE_2020_3452_Detect () [Github]
• October 13, 2020
  • Cisco ASA and FTD 9.6.4.42 - Path Traversal [Exploit-DB]
• September 28, 2020
  • CVE-2020-3452-Scanner (Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.) [Github]
• September 11, 2020
  • CVE-2020-3452 (CVE-2020-3452 exploit) [Github]
• September 1, 2020
  • CVE-2020-3452 (CVE-2020-3452 - directory traversal in Cisco ASA and Cisco Firepower Threat Defense) [Github]
  • CVE-2020-3452 ([CVE-2020-3452] Cisco Adaptive Security Appliance (ASA) & Cisco Firepower Threat Defense (FTD) Web Service Read-Only Directory Traversal) [Github]
  • CVE-2020-3452 (CVE-2020-3452 exploit) [Github]
  • Cisco-ASA-LFI ((CVE-2020-3452) Cisco Adaptive Security Appliance Software - Local File Inclusion Vuln Test sciript) [Github]
• July 30, 2020
  • http-vuln-cve2020-3452.nse (CVE-2020-3452 : Cisco ASA and FTD Unauthorized Remote File Reading Nmap NSE Script) [Github]
• July 29, 2020
  • checker-cve2020-3452 (Cisco Adaptive Security Appliance and FTD Unauthorized Remote File Reading) [Github]
• July 25, 2020
  • CVE-2020-3452 (Little, stupid python validator(?) for CVE-2020-3452 on CISCO devices.) [Github]
  • CVE-2020-3452-PoC () [Github]
  • cve-2020-3452 (unauth file read in cisco asa & firepower.) [Github]
  • CVE-2020-3452-Cisco-Scanner (CVE-2020-3452 Cisco ASA Scanner -unauth Path Traversal Check) [Github]
  • CVE-2020-3452 () [Github]
  • cve-2020-3452 () [Github]

Impact: Information disclosure

Vulnerable software:
Cisco Adaptive Security Appliance (ASA)
Hardware solutions / Security hardware applicances
Cisco Firepower Threat Defense (FTD)
Hardware solutions / Security hardware applicances

Vendor: Cisco Systems, Inc