5 matches found
Metasploit Wrap-Up
Cisco RV Series Auth Bypass and Command Injection Thanks to community contributor neterum, Metasploit framework just gained an awesome new module which targets Cisco Small Business RV Series Routers. The module actually exploits two vulnerabilities, an authentication bypass CVE-2022-20705 and a...
CVE-2022-20705
creationtimestamp| type| source ---|---|--- 2023-02-14 00:13:40+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscorv340lan.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:42+00:00| seen|...
Cisco RV Series Authentication Bypass / Command Injection Exploit
This Metasploit module exploits two vulnerabilities, a session ID directory traversal authentication bypass CVE-2022-20705 and a command injection vulnerability CVE-2022-20707, on Cisco RV160, RV260, RV340, and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with...
CVE-2022-20705 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20705
CVE-2022-20705 affects Cisco Small Business RV160, RV260, RV340, and RV345 series routers. Connected docs confirm a session ID directory traversal authentication bypass (and related CVE-2022-20707) exploited by a Metasploit module to execute arbitrary commands with web server privileges, on firmw...