- Description
- A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.
- Source
- psirt@cisco.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@cisco.com
- CWE-293
- Hype score
- Not currently trending
Cisco Small Business Routers Vulnerabilities (CVE-2023-20025 and CVE-2023-20026 and CVE-2023-20118) #Cisco #CiscoSmallBusinessRouter #CVE202320025 #CVE202320026 #CVE202320118 #CyberSecurity https://t.co/Bu3I1fbM1h https://t.co/tyFIYvwMOh
@SystemTek_UK
8 Mar 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cybersecurity guy here. The NIST and federal government is hiding the fact that the entire internet is comprised. Chaining exploits has created a HUGE vulnerability CVE-2018-8639, CVE-2023-20118, CVE-2023-20025… don’t believe me? Look it up @elonmusk @teameffujoe @JackPosobiec
@erickman1979
7 Mar 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA has identified vulnerabilities CVE-2023-20118 and CVE-2018-8639 in Cisco and Windows systems as actively exploited. CVE-2023-20118 allows command execution on specific VPN routers via an authentication bypass (CVE-2023-20025). https://t.co/q4hhOQPpoN
@securityRSS
4 Mar 2025
51 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCC05438-3064-4FB6-9177-9EA60C8E250C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "701E3CF5-15C0-419A-97A8-9BD2C55D74AB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5A39236-B032-46BB-94D0-3E0E3E557BC0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E699C11F-3C7C-420D-9243-5CD2A6B98EF2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EF65E38-D812-4F6E-903C-05E203F3E9F6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "24FC4446-22C0-4EC9-84B4-A76412680105"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]