Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Multiple vulnerabilities were found in the web-based management interface of Cisco Small Business Routers. The authentication bypass vulnerability (CVE-2023-20025) allows an unauthenticated attacker to bypass authentication on an affected device by manipulating user input in incoming HTTP packets. The remote command execution vulnerability (CVE-2023-20026) allows an authenticated attacker to execute arbitrary commands on an affected device by manipulating user input in incoming HTTP packets.