Share
## https://sploitus.com/exploit?id=72916585-2081-5164-9B1F-DA7BB429F2F7
# CVE-2020-3452 Scanner
A safe, non-destructive Python scanner for **Cisco ASA / FTD WebVPN Directory Traversal (CVE-2020-3452)**.
> **CVE-2020-3452** is a critical unauthenticated path traversal vulnerability that allows remote attackers to read arbitrary files on the Cisco ASA or FTD device.
---
## Overview
This tool tests whether an attacker can read sensitive files (such as portal pages, scripts, and configuration-related files) without authentication by exploiting the directory traversal flaw in the WebVPN translation-table endpoint.
**Note**: This script only performs GET requests and does **not** attempt exploitation or write any data.
### Vulnerability Details
- **CVE ID**: CVE-2020-3452
- **Severity**: High (CVSS 7.5)
- **Type**: Path Traversal (Directory Traversal)
- **Affected Products**: Cisco ASA, Cisco FTD, Cisco Firepower Management Center (with WebVPN enabled)
- **Impact**: Unauthenticated remote file disclosure
---
## Features
- Tests the classic translation-table traversal vector
- Checks multiple sensitive WebVPN files
- Clear vulnerability indicators
- Easy-to-read console output
---
## Installation
```bash
git clone https://github.com/curtishoughton/CVE-2020-3452-Cisco-Python-Scanner.git
cd CVE-2020-3452-Cisco-Python-Scanner
pip install requests
```
## Usage
```
python cve_2020_3452_Python-scanner.py https://target-asa.example.com
```