CVE-2020-3452CISA KEVEPSS p100.0%

CVE-2020-3452Cisco ASA and FTD Read-Only Path Traversal Vulnerability

Cisco / Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Description

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.

Scoring

EPSS99.99% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryCisco ASA and FTD Read-Only Path Traversal Vulnerabilitykev-cve-2020-34520%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability
CVE
Cisco ASA and FTD Information Disclosure Vulnerability
CVE
CVE-2025-20363
CVE
Cisco ASA and FTD Privilege Escalation Vulnerability
CVE
Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
CVE
CVE-2025-20251
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.