Cisco IOX XE Unauthenticated Remote Code Execution Chain Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOX XE Unauthenticated RCE Chain', 'Description' = %q This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable...

Cisco IOX XE Unauthenticated RCE Chain

This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable instances of Cisco IOS XE devices which have the Web UI exposed. An attacker can execute a payload with root privileges. The vulnerable IOS XE versions are: 16.1.1, 16.1.2, 16.1.3, 16.2.1, 16.2.2, 16.3.1, 16.3.2,...