Loading
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Use CWE-121, Cisco vendor hub and Adaptive Security Appliance product page to widen CVE-2021-40118 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-1573, CVE-2021-40117 and CVE-2021-34793 for nearby disclosures in the same product family. Additional editorial context is available in Cybersecurity Weekly Roundup: April 27, 2026 — Critical Zero-Days and Framework Failures.