Vulnslist

find the latest Cisco vulnerabilities

CVE-2025-20251

A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If critical system files are manipulated, new Remote Access SSL VPN sessions could be denied and existing sessions could be dropped, causing a denial of service (DoS) condition. An exploited device requires a manual reboot to recover. This vulnerability is due to insufficient input validation when processing HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to create or delete files on the underlying operating system, which could cause the Remote Access SSL VPN service to become unresponsive. To exploit this vulnerability, the attacker must be authenticated as a VPN user of the affected device.

SeverityHIGH
CVSS8.5
EPSS-
CWECWE-1287
KEV
Published
Modified

Related Products

Product Advisory
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Secure Firewall Threat Defense (FTD) Software cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Firepower 2100 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Firepower 1000 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco ASA 5500-X Series Firewalls cisco-sa-asaftd-http-file-hUyX2jL4
Cisco 3000 Series Industrial Security Appliances (ISA) cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Firepower 9000 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Firepower 4100 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Adaptive Security Virtual Appliance (ASAv) cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Secure Firewall 3100 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Secure Firewall 4200 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Secure Firewall 1200 Series cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Secure Firewall Threat Defense Virtual cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Adaptive Security Appliance (ASA) Software cisco-sa-asaftd-http-file-hUyX2jL4
Cisco Firepower Threat Defense Software cisco-sa-asaftd-http-file-hUyX2jL4
Cisco 3000 Series Routers cisco-sa-asaftd-http-file-hUyX2jL4