CVE-2023-20026

Published: 20/01/2023 Updated: 25/01/2024

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote malicious user to inject arbitrary commands on an affected device. This vulnerability is due to improper validation of user input fields within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the malicious user to execute arbitrary commands on an affected device with root-level privileges. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco rv016_firmware -
cisco rv042_firmware -
cisco rv042g_firmware -
cisco rv082_firmware -

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device For more information about these vulnerabilities, see the Details section of thi ...

CWE-20 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5 https://nvd.nist.gov https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-20026

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect