← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-3452 — Actively Exploited: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) (Cisco)

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A succes

CVE IDCVE-2020-3452
VendorCisco
ProductAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Vulnerability nameCisco ASA and FTD Read-Only Path Traversal Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionCisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web ser
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →