module
Cisco RV Series Authentication Bypass and Command Injection
| Disclosed | Created |
|---|---|
| 11/02/2021 | 02/14/2023 |
Disclosed
11/02/2021
Created
02/14/2023
Description
This module exploits two vulnerabilities, a session ID directory traversal authentication
bypass (CVE-2022-20705) and a command injection vulnerability (CVE-2022-20707), on Cisco RV160, RV260, RV340,
and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with www-data user privileges.
This access can then be used to pivot to other parts of the network. This module works on firmware
versions 1.0.03.24 and below.
bypass (CVE-2022-20705) and a command injection vulnerability (CVE-2022-20707), on Cisco RV160, RV260, RV340,
and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with www-data user privileges.
This access can then be used to pivot to other parts of the network. This module works on firmware
versions 1.0.03.24 and below.
Authors
Biem PhamNeterumjbaines-r7
Platform
Linux,Unix
Architectures
cmd, armle
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/linux/http/cisco_rv340_lan
msf /(n) > show actions
...actions...
msf /(n) > set ACTION < action-name >
msf /(n) > show options
...show and set options...
msf /(n) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.