Exploit Cisco Adaptive Security Appliance 8.x - Web VPN FTP or CIFS Authentication Form Phishing

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
33054
Проверка EDB
  1. Пройдено
Автор
DAVID BYRNE
Тип уязвимости
REMOTE
Платформа
HARDWARE
CVE
cve-2009-1203
Дата публикации
2009-05-24
Код:
source: https://www.securityfocus.com/bid/35475/info

Cisco Adaptive Security Appliance (ASA) is prone to a vulnerability that can aid in phishing attacks.

An attacker can exploit this issue to display a fake login window that's visually similar to the device's login window, which may mislead users.

This issue is tracked by Cisco Bug ID CSCsy80709.

The attacker can exploit this issue to set up phishing attacks. Successful exploits could aid in further attacks.

Versions prior to ASA 8.0.4.34 and 8.1.2.25 are vulnerable.


The following example is available:

/+CSCOE+/files/browse.html?code=init&path=ftp%3A%2F%2F7367632e726b6e7a6379722e70627a
 
Источник
www.exploit-db.com

Похожие темы