Exposures › CVE-2023-20118
CVE-2023-20118
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-03-03
Reference
⚡ RCE
⌖ exploited in the wild
shame 65/100
rceexploited-in-wild
Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.
Players implicated
Description
Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.
Affected FedRAMP products 8 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Cisco Cloudlock for Government | Cisco Systems Inc. | Authorized | vendor-exact · 0.90 |
| Cisco Meraki for Government | Cisco Systems Inc. | In Process | vendor-exact · 0.90 |
| Cisco SD-WAN for Government | Cisco Systems Inc. | In Process | vendor-exact · 0.90 |
| Cisco Umbrella for Government | Cisco Systems Inc. | In Process | vendor-exact · 0.90 |
| Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government) | Cisco Systems Inc. | Authorized | vendor-exact · 0.90 |
| Duo Federal | Duo Security (A Cisco Company) | Authorized | dex-judge · 0.95 |
| WebEx Contact Center Enterprise for Government (WxCCE-G) | Cisco Systems Inc. | In Process | vendor-exact · 0.90 |
| Webex for Government | Cisco Systems Inc. | Authorized | vendor-exact · 0.90 |