ID:8914 - Exploit for Path traversal in Cisco Adaptive Security Appliance (ASA) and Cisco Firewall Threat Defense (FTD) - CVE-2020-3187

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:8914 - Exploit for Path traversal in Cisco Adaptive Security Appliance (ASA) and Cisco Firewall Threat Defense (FTD) - CVE-2020-3187

ID:8914 - Exploit for Path traversal in Cisco Adaptive Security Appliance (ASA) and Cisco Firewall Threat Defense (FTD) - CVE-2020-3187

Published: March 15, 2023


Vulnerability identifier: #VU27592
Vulnerability risk: High
CVE-ID: CVE-2020-3187
CWE-ID: CWE-22
Exploitation vector: Remote access
Vulnerable software:
Cisco Adaptive Security Appliance (ASA)
Cisco Firewall Threat Defense (FTD)

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in the web services interface. A remote attacker can send a specially crafted HTTP request and read or delete arbitrary files on the targeted system.


Remediation

Install update from vendor's website.