Skip to content
/ CVE-2020-3153 Public

POC code for CVE-2020-3153 - Cisco anyconnect path traversal vulnerability

License

GPL-3.0 license
6 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shubham0d/CVE-2020-3153

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
CiscoAnyconnectExploit
CiscoAnyconnectExploit
 
 
CiscoAnyconnectExploit.sln
CiscoAnyconnectExploit.sln
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
actoast.dll
actoast.dll
 
 

Repository files navigation

CVE-2020-3153

POC code for CVE-2020-3153 - Cisco anyconnect path traversal vulnerability

Read more about the vulnerability here: https://ssd-disclosure.com/ssd-advisory-cisco-anyconnect-privilege-elevation-through-path-traversal/

Steps to follow to get Windows shell on desktop with SYSTEM privilege:

  1. In file class1.cs, Change the Username string to your user account directory in CAC-nc-install commandline parameter.
  2. Create directory path "Program Files (x86)/Cisco/Cisco AnyConnect Secure Mobility Client/Plugins/" inside your userhome.
  3. Copy actoast.dll on the above path.

POC demo video

CVE-2020-3153 POC

Follow my work at: https://nixhacker.com

About

POC code for CVE-2020-3153 - Cisco anyconnect path traversal vulnerability

Topics

exploit anyconnect path-transversal cve-2020-3153

Resources

Readme

License

GPL-3.0 license
Activity

Stars

6 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages