CVE-2023-20128Improper Neutralization of Expression/Command Delimiters in Cisco Small Business RV Series Router Firmware

CWE-146Improper Neutralization of Expression/Command DelimitersCWE-78OS Command Injection6 documents5 sources
Severity
7.2HIGHNVD
EPSS
1.8%
top 17.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Small Business RV Series Router Firmware
Timeline
PublishedApr 5
Latest updateJul 21

Description

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device. A successful exploit could allow the attacke

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities2023-04-05
GHSA
GHSA-72q8-fjc4-6c3r: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an aut2023-04-05

🔍Detection Rules

2
Suricata
ET WEB_SPECIFIC_APPS Cisco RV Series Router import_config.cgi USBconfigfile Command Injection Attempt (CVE-2023-20128)2025-07-21
Suricata
ET WEB_SPECIFIC_APPS Cisco Small Business Router RV Series Command Injection (CVE-2023-20128)2025-02-27

📋Vendor Advisories

1
Cisco
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities2023-04-05
CVE-2023-20128 — Cisco vulnerability | cvebase