.. / CVE-2020-3187

Exploit for Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal (CVE-2020-3187)

Description:

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are susceptible to directory traversal vulnerabilities that could allow an unauthenticated, remote attacker to obtain read and delete access to sensitive files on a targeted system.

Nuclei Template

View the template here CVE-2020-3187.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-3187.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2020-3187
https://github.com/Threekiii/Awesome-POC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html
https://twitter.com/aboul3la/status/1286809567989575685

.. / CVE-2020-3187 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal (CVE-2020-3187)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-3187