CVE-2023-20017
published 2023-08-16CVE-2023-20017: Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using…
PriorityP260critical9.1CVSS 3.1
AVNACLPRHUINSCCHIHAH
EPSS
0.71%
49.0th percentile
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
| cisco | cisco_intersight_virtual_appliance | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered by uploading a crafted software package to the Cisco Intersight Private Virtual Appliance; monitor for unexpected or unauthorized software package uploads by Administrator-level accounts. ↗
- →Root-level OS command execution follows a successful exploit; monitor for anomalous root-level process spawning on the Intersight Private Virtual Appliance host, particularly processes descended from the software package extraction workflow. ↗
- →The root cause is insufficient input validation during software package extraction (CWE-78 OS Command Injection); audit and alert on shell metacharacters or unexpected command sequences in package metadata/filenames processed during extraction. ↗
- ·Exploitation requires the attacker to already hold Administrator privileges on the affected device; scope detection efforts to privileged account activity. ↗
- ·Two distinct bug IDs (CSCwc35159 and CSCwc35166) are associated with this advisory, indicating multiple vulnerable code paths related to software package extraction; both should be addressed by patching. ↗
- ·No workarounds exist for these vulnerabilities; patching to a fixed software version is the only remediation. ↗
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
vendor_cisco6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
vendor_cisco·2023-08-16·CVSS 6.5
CVE-2023-20013 [MEDIUM] CWE-78 Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
Cisco has released software updates that address these vulnerabil
Cisco
Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
vendor_cisco·CVSS 3.1
CVE-2023-20017 Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
CVE-2023-20017: Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root -level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root -level privileges. Cisco has released software updates that address
GHSA
GHSA-4hvg-697f-23pr: Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands usi
ghsa_unreviewed·2023-08-17
CVE-2023-20017 [CRITICAL] CWE-77 GHSA-4hvg-697f-23pr: Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands usi
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
Suricata
ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017)
suricata·2023-11-08·CVSS 9.8
CVE-2016-20017 [CRITICAL] ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017)
ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017)
Rule: alert http any any -> $HOME_NET any (msg:"ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/login.cgi?cli="; fast_pattern; http.uri.raw; content:"?cli="; content:"%27"; distance:0; reference:url,www.fortinet.com/blog/threat-research/Iz1h9-campaign-enhances-arsenal-with-scores-of-exploits; reference:cve,2016-20017; classtype:attempted-admin; sid:2049119; rev:2; metadata:affected_product D_Link, attack_target Networking_Equipment, created_at 2023_11_08, cve CVE_2016_20017, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_05_22, mitre_tactic_id TA0008
No public exploits indexed.
No writeups or analysis indexed.
2023-08-16
Published