MadDud (8)

Last Login: September 08, 2021
Assessments
2
Score
8

MadDud's Latest (2) Contributions

Sort by:
Filter by:
3
Ratings
  • Attacker Value
    Medium
  • Exploitability
    Very High
Technical Analysis

Proof of Concept of the XSS attack is publicly available.

This is an XSS attack, which doesn’t require authentication to plant the code, but it requires user interaction (visit something in web interface) to trigger it.

Original tweet: https://twitter.com/ptswarm/status/1408050644460650502
Copy of tweet (screenshot) and analysis https://www.tenable.com/blog/cve-2020-3580-proof-of-concept-published-for-cisco-asa-flaw-patched-in-october

3
Ratings
  • Attacker Value
    Very High
  • Exploitability
    Very High