CVE-2026-20069 — HTTP Request Smuggling in Cisco Secure Firewall Adaptive Security Appliance Software

CWE-444 — HTTP Request Smuggling4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.0%

top 93.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Firewall Adaptive Security Appliance Software Cisco Secure Firewall Threat Defense Software

Timeline

PublishedMar 4

Description

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious HTTP requests to a d…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_secure_firewall_adaptive_security_appliance_software151 versions+150

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_software75 versions+74

🔴Vulnerability Details

GHSA

GHSA-gr7r-qqx6-v859: A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat↗2026-03-04

▶

CVEList

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability↗2026-03-04

▶

📋Vendor Advisories

Cisco

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability↗2026-03-04

▶