Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-20713 PoC — Cisco Adaptive Security Appliances Software 跨站脚本漏洞

Source
https://github.com/s1d6point7bugcrowd/CVE-2022-20713-Vulnerability-Detection-Script
Associated Vulnerability
Title:Cisco Adaptive Security Appliances Software 跨站脚本漏洞 (CVE-2022-20713)
Description:Cisco ASA是美国思科(Cisco)公司的一系列应用于企业安全的防火墙。 Cisco Adaptive Security Appliance (ASA) Software存在跨站脚本漏洞,该漏洞源于对传递给无客户端 SSL VPN 组件的输入验证不正确。
Readme
# CVE-2022-20713 Vulnerability Detection Script

This Python script detects the presence of the CVE-2022-20713 vulnerability in Cisco ASA Software's Clientless SSL VPN (WebVPN) component.

## Description

A vulnerability exists in the Clientless SSL VPN (WebVPN) component of Cisco ASA Software that allows an unauthenticated, remote attacker to conduct browser-based attacks, including cross-site scripting (XSS) attacks, by exploiting improper input validation in certain endpoints.

This script automates the detection of one such endpoint (`/+CSCOE+/logon.html`) that indicates potential exposure to this vulnerability.

## Requirements

- Python 3.x
- `requests` library
File Snapshot

 [4.0K]  /data/pocs/71182302375bde39673a4daae8fe800a31fb5084
├── [1.4K]  CVE-2022-20713.py
├── [1.0K]  LICENSE
└── [ 677]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.