CVE-2023-20007
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials.
This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition.
Una vulnerabilidad en la interfaz de administración basada en web de los routers Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN podría permitir que un atacante remoto autenticado ejecute código arbitrario o provocar que se reinicie el proceso de administración basado en web en el dispositivo. inesperadamente, lo que resulta en una condición de denegación de servicio (DoS). El atacante debe tener credenciales de administrador válidas. Esta vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario en la interfaz de administración basada en web. Un atacante podría aprovechar esta vulnerabilidad enviando una entrada HTTP manipulada a un dispositivo afectado. Un exploit exitoso podría permitir al atacante ejecutar código arbitrario como usuario raíz en el sistema operativo subyacente o provocar que el proceso de administración basado en web se reinicie, lo que resultaría en una condición DoS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-27 CVE Reserved
- 2023-01-19 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Rv340 Firmware Search vendor "Cisco" for product "Rv340 Firmware" | < 1.0.03.29 Search vendor "Cisco" for product "Rv340 Firmware" and version " < 1.0.03.29" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340 Search vendor "Cisco" for product "Rv340" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv340w Firmware Search vendor "Cisco" for product "Rv340w Firmware" | < 1.0.03.29 Search vendor "Cisco" for product "Rv340w Firmware" and version " < 1.0.03.29" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340w Search vendor "Cisco" for product "Rv340w" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv345 Firmware Search vendor "Cisco" for product "Rv345 Firmware" | < 1.0.03.29 Search vendor "Cisco" for product "Rv345 Firmware" and version " < 1.0.03.29" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345 Search vendor "Cisco" for product "Rv345" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv345p Firmware Search vendor "Cisco" for product "Rv345p Firmware" | < 1.0.03.29 Search vendor "Cisco" for product "Rv345p Firmware" and version " < 1.0.03.29" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345p Search vendor "Cisco" for product "Rv345p" | - | - |
Safe
|