6 matches found
Metasploit Wrap-Up
Cisco RV Series Auth Bypass and Command Injection Thanks to community contributor neterum, Metasploit framework just gained an awesome new module which targets Cisco Small Business RV Series Routers. The module actually exploits two vulnerabilities, an authentication bypass CVE-2022-20705 and a...
Cisco RV Series Authentication Bypass / Command Injection Exploit
This Metasploit module exploits two vulnerabilities, a session ID directory traversal authentication bypass CVE-2022-20705 and a command injection vulnerability CVE-2022-20707, on Cisco RV160, RV260, RV340, and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with...
CVE-2022-20707 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20707
Cisco CVE-2022-20707 affects Cisco Small Business RV160/RV260/RV340/RV345 Series Routers. The connected Exploit module describes a command injection vulnerability (and accompanying authentication bypass) enabling arbitrary command execution, demonstrated on firmware 1.0.03.24 and earlier, with ww...
CVE-2022-20707
creationtimestamp| type| source ---|---|--- 2022-02-05 15:10:07+00:00| published-proof-of-concept| https://t.me/NeKaspersky/1769 2022-02-10 20:17:04+00:00| seen| https://t.me/cibsecurity/37232 2023-02-14 00:13:40+00:00| seen|...
Critical Flaws Discovered in Cisco Small Business RV Series Routers
Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept PoC exploit code targeting some of these bugs. Three ...