Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeronePirneciH1:1455266
HistoryJan 20, 2022 - 2:05 p.m.

U.S. Dept Of Defense: Arbitrary File Deletion (CVE-2020-3187) on ████████

2022-01-2014:05:20
pirneci
hackerone.com
20

0.973 High

EPSS

Percentile

99.9%

JSON

Hello team,
I hope you’re doing well, healthy & wealthy.
I found an Arbitrary File Deletion (CVE-2020-3187) vulnerability on https://██████████/+CSCOE+/session_password.html that allows the Arbitrary File Deletion.

References

- https://twitter.com/aboul3la/status/1286809567989575685
- http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

Arbitrary File Deletion Reference:

Impact

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.

Best regards
@pirneci

System Host(s)

█████

Affected Product(s) and Version(s)

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software

CVE Numbers

CVE-2020-3187

Steps to Reproduce

Here is the PoC. If you can see “webvpn:” cookie, then you can delete any arbitrary file. I didn’t do it. It’s enough to prove the vulnerability.

PoC

GET /+CSCOE+/session_password.html HTTP/1.1
Host: █████
Sec-Ch-Ua: "Chromium";v="97", " Not;A Brand";v="99"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close

████████

Suggested Mitigation/Remediation Actions

Please upgrade to the latest version.

Related

cve 1
cisco 1
nuclei 1
hackerone 10
prion 1
ptsecurity 1
checkpoint_advisories 1
nessus 2
githubexploit 1
cvelist 1
zdt 1
attackerkb 3
nvd 1
packetstorm 1
exploitdb 1
threatpost 1
cve
cve
CVE-2020-3187
2020-05-06 17:15:12
cisco
cisco
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability
2020-05-06 16:00:00
nuclei
nuclei
Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal
2020-07-25 01:53:21
hackerone
hackerone
U.S. Dept Of Defense: https://██████ vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD
2020-11-11 09:18:46
U.S. Dept Of Defense: Unauthenticated Arbitrary File Deletion "CVE-2020-3187" in █████
2020-11-04 22:22:37
U.S. Dept Of Defense: https://██████ vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD
2020-09-21 09:40:35
prion
prion
Directory traversal
2020-05-06 17:15:00
ptsecurity
ptsecurity
PT-2020-02: Reading or deleting arbitrary files in Cisco ASA and Cisco FTD
2019-04-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Cisco Firepower Threat Defense Directory Traversal (CVE-2020-3187)
2020-08-17 00:00:00
nessus
nessus
Cisco Adaptive Security Appliance Software Web Services Path Traversal (cisco-sa-asaftd-path-JE3azWw43)
2020-05-27 00:00:00
Cisco Firepower Threat Defense Software Web Services Path Traversal (cisco-sa-asaftd-path-JE3azWw43)
2020-05-27 00:00:00
githubexploit
githubexploit
Exploit for Path Traversal in Cisco Firepower Threat Defense
2021-06-14 06:27:11
cvelist
cvelist
CVE-2020-3187 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability
2020-05-06 00:00:00
zdt
zdt
Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion Exploit
2020-07-30 00:00:00
attackerkb
attackerkb
CVE-2020-3187
2020-05-06 00:00:00
CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability
2020-07-22 00:00:00
CVE-2020-3580
2020-10-21 00:00:00
nvd
nvd
CVE-2020-3187
2020-05-06 17:15:12
packetstorm
packetstorm
Cisco Adaptive Security Appliance Software 9.7 Arbitrary File Deletion
2020-07-29 00:00:00
exploitdb
exploitdb
Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion
2020-07-29 00:00:00
threatpost
threatpost
Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
2020-05-07 18:43:04

0.973 High

EPSS

Percentile

99.9%

JSON
Related for H1:1455266
cve1cisco1nuclei1hackerone10prion1ptsecurity1checkpoint_advisories1nessus2githubexploit1cvelist1zdt1attackerkb3nvd1packetstorm1exploitdb1threatpost1