CVE-2020-3452 — Actively Exploited: Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) (Cisco)
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A succes
| CVE ID | CVE-2020-3452 |
|---|---|
| Vendor | Cisco |
| Product | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
| Vulnerability name | Cisco ASA and FTD Read-Only Path Traversal Vulnerability |
| Date added | 2021-11-03 |
| Remediation due | 2022-05-03 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web ser |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →