CVE-2020-3580 - Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software XSS.
Clone the repository
git clone https://github.com/imhunterand/CVE-2020-3580.git
Go to the newly created directory
cd CVE-2020-3580
To download the requirements
pip3 install -r requirements.txt
pip install -r requirements.txt
To run the script
python main.py
Additional exploits for XSS in Cisco ASA devices discovered by @Pwn0sec
- Stage (address change me)
- Demonstrate
- Logon to Cisco ASA WebVPN
- Visit staged malicious page
- Recover your credentials
- Patch ;)