CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2023-20025

CVSS 9.0v3.1pub. 2023-01-20upd. 2025-04-07

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Cisco Rv016

    HW
    Cisco
    wszystkie wersje
  • Cisco Rv016 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Rv042

    HW
    Cisco
    wszystkie wersje
  • Cisco Rv042 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Rv042g

    HW
    Cisco
    wszystkie wersje
  • Cisco Rv042g Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Rv082

    HW
    Cisco
    wszystkie wersje
  • Cisco Rv082 Firmware

    OS
    Cisco
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2017-3882CRITICAL9.6ten sam produkt

A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Route...

CVE-2020-3275HIGH7.2ten sam produkt

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series ...

CVE-2020-3276HIGH7.2ten sam produkt

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series ...

CVE-2020-3277HIGH7.2ten sam produkt

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series ...

CVE-2020-3274HIGH7.2ten sam produkt

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series ...