VDB
CVE-2023-20073
CVE-2023-20073
PUBLISHED
Es existiert eine Schwachstelle in Cisco Small Business. Diese besteht im webbasierten Management-Interface und ermöglicht das Hochladen beliebiger Dateien. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Dateien zu manipulieren.
EPSS 91.34% · 99.7th percentile
Risk Scores
EPSS Score
91.34%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Small Business RV340 Dual WAN Gigabit VPN Routers | |
| Cisco | Cisco Small Business RV345 Dual WAN Gigabit VPN Routers | |
| Cisco | Cisco Small Business RV345P Dual WAN Gigabit POE VPN Routers | |
| Cisco | Cisco Small Business RV340W Dual WAN Gigabit Wireless-AC VPN Routers |
Exploit Intelligence
- PoC based on https://unsafe[.]sh/go-173464.html research (github-poc)
- PoC based on https://unsafe[.]sh/go-173464.html research (github-poc)
- PoC based on https://unsafe[.]sh/go-173464.html research (github-poc)
- PoC based on https://unsafe[.]sh/go-173464.html research (github-poc)
- PoC based on https://unsafe[.]sh/go-173464.html research (github-poc)
- PoC based on https://unsafe[.]sh/go-173464.html research (github-poc)
- CIRCL exploited: CVE-2023-20073 (circl-sighting)
- 20230202 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability (circl)
- ET WEB_SPECIFIC_APPS Cisco RV Series Router form-file-upload Stored Cross Site Scripting Attempt (CVE-2023-20073) (emergingthreats)
- ET WEB_SPECIFIC_APPS Cisco RV Series Router form-file-upload Stored Cross Site Scripting Attempt (CVE-2023-20073) (emergingthreats)
…and 19 more exploits
Timeline
- Feb 1, 2023 CVE Published
- Apr 6, 2023 EPSS Score
- Aug 27, 2023 EPSS Score
- Sep 26, 2023 EPSS Score
- Feb 23, 2024 EPSS Score
- Mar 5, 2024 EPSS Score
- May 7, 2024 EPSS Score
- May 19, 2024 EPSS Score
- Jun 14, 2024 EPSS Score
- Jul 23, 2024 EPSS Score
- Sep 2, 2024 EPSS Score
- Sep 15, 2024 EPSS Score