83r71nMar 4, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious security flaw in some Cisco Small Business routers. These routers are used by small businesses to connect to the internet. The flaw, known as CVE-2023-20118, allows hackers to take control of the router and potentially access sensitive information on the network.

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

#cybersecurity #vulnerability #cisco #router #cisa #cve #RV016 #RV042 #RV042G #RV082 #RV320 #RV325

nibessMar 28, 2019
How to (not) patch a command injection vulnerability: if( $http_user_agent ~* "curl"){ return 403; } https://twitter.com/RedTeamPT/status/1110843396657238016 #cisco #RV320 #ios #rce
RedTeam Pentesting on Twitter

β€œ@info_dox @TheHackerNews @bad_packets @hrbrmstr We were also quite surprised to find this /etc/nginx.conf in 1.4.2.20”

Twitter
fedi.absturztau.be Mar 27, 2019
RT @[email protected]

#Cisco Small Business Routers still vulnerable to remote code execution & configuration export due to incomplete patch 🚨 #RCE #RV320 #RV325 New advisories: https://buff.ly/2HIZCV2 https://buff.ly/2U2DKdR https://buff.ly/2WmcCD2

πŸ¦πŸ”—: https://twitter.com/RedTeamPT/status/1110838971867844608
Cisco RV320 Unauthenticated Configuration Export

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor.