API tools faq
paste
pasteah

CVE-2025-20333

pasteah
Sep 26th, 2025
440
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 0.93 KB | None | 0 0
raw download clone embed print report
  1. CVE-2025-20333
  2. Description:
  3. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.
  4.  
  5. Attack Vector:
  6. NETWORK
  7.  
  8. Attack Complexity:
  9. LOW
  10.  
  11. Weaknesses:
  12. CWE-120
  13.  
  14. References:
  15. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB
  16. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
Advertisement
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!