ID

VAR-202309-0548


CVE

CVE-2023-20250


DESCRIPTION

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device

Trust: 0.99

sources: NVD: CVE-2023-20250 // VULMON: CVE-2023-20250

AFFECTED PRODUCTS

vendor:ciscomodel:rv215wscope:eqversion:1.0.0.30

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.51

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.1.6

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.1.4

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.2.99

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.0.14

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.0.15

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.52

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.1.5

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.0.8

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.45

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.2.1

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.22

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.16

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.0.21

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.2.7

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.28

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.1.7

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.0.7

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.0.9

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.14

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.0.4

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.0.21

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.55

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.1.99

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.2.8

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.44

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.0.14

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.1.7

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.0.99

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.2.5

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.1.3

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.54

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.1.0.6

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.1.0.9

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.22

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.0.8

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.16

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.51

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.0.10

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.0.99

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.1.4

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.0.7

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.2.4

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.1.1

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.1.1

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.0.15

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.52

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.0.2

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.0.21

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.0.10

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.1.99

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.2.99

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.0.8

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.1.6

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.45

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.1.0.5

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.1.4

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.1.7

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.2.5

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.2.7

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.1.0.6

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.0.8

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.1.7

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.1.0.5

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.14

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.2.4

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.28

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.1.1

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.1.1

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.0.2

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.0.9

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.2.8

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.0.10

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.1.6

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.55

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.1.4

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.22

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.0.99

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.16

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.54

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.0.30

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.44

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.51

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.0.7

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.1.0.5

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.1.3

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.1.1

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.1.0.9

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.0.21

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.1.99

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.28

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.0.99

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.1.4

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.0.15

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.0.9

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.0.8

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.2.1

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.1.5

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.1.7

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.2.5

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.1.0.6

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.55

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.2.99

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.0.8

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.2.7

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.44

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.1.5

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.2.4

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.1.1

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.1.3

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.0.4

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.1.0.9

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.1.1

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.0.2

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.0.14

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.54

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.1.7

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.0.10

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.1.6

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.0.99

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.1.4

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.14

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.1.4

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.3.0.4

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.22

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.2.8

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.16

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.2.99

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.0.30

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.1.0.5

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.1.5

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.0.7

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.0.99

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.54

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.28

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.0.30

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.51

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.1.99

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.52

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.2.0.9

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.1.7

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.3.45

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.2.1

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.55

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.0.3.14

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.1.7

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.3.0.4

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.2.5

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.0.15

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.52

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.3.44

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.1.0.6

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.2.8

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.0.8

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.0.8

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.3.45

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.2.2.1

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.0.1.3

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.1.0.9

Trust: 1.0

vendor:ciscomodel:rv215wscope:eqversion:1.2.0.99

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.2.4

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.3.1.1

Trust: 1.0

vendor:ciscomodel:rv130wscope:eqversion:1.0.2.7

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.0.99

Trust: 1.0

vendor:ciscomodel:rv110wscope:eqversion:1.3.1.4

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.0.0.2

Trust: 1.0

vendor:ciscomodel:rv130scope:eqversion:1.2.0.14

Trust: 1.0

sources: NVD: CVE-2023-20250

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-20250
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20250
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2023-20250
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20250
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 5.2
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-20250 // NVD: CVE-2023-20250

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2023-20250

PATCH

title:Cisco: Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Stack Overflow Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sb-rv-stack-SHYv2f5N

Trust: 0.1

sources: VULMON: CVE-2023-20250

EXTERNAL IDS

db:NVDid:CVE-2023-20250

Trust: 1.1

db:VULMONid:CVE-2023-20250

Trust: 0.1

sources: VULMON: CVE-2023-20250 // NVD: CVE-2023-20250

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv-stack-shyv2f5n

Trust: 1.2

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-20250 // NVD: CVE-2023-20250

SOURCES

db:VULMONid:CVE-2023-20250
db:NVDid:CVE-2023-20250

LAST UPDATE DATE

2024-08-14T15:00:05.930000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-20250date:2023-09-07T00:00:00
db:NVDid:CVE-2023-20250date:2024-01-25T17:15:41.117

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-20250date:2023-09-06T00:00:00
db:NVDid:CVE-2023-20250date:2023-09-06T17:15:50.100