CVE-2009-1220
Cisco ASA 7.2(4.30)/8.0(4.28) and earlier - XSS via Host HTTP Header
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-1220. PoCs published by Bugs NotHugs.
AI-analyzed exploit summary
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Cisco ASA by injecting a malicious script into the Host header of a POST request to the WebVPN login page. The payload triggers an alert dialog, proving arbitrary script execution in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header.
Exploits (1)