CVE-2023-20273

7.2

HIGH

Cisco IOS XE Web UI Command Injection Vulnerabilit - [Actively Exploited]

Description

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

INFO

Published Date :

Oct. 25, 2023, 6:17 p.m.

Last Modified :

June 17, 2024, 1:29 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

1.2

CISA Notification

CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Due Date: Oct 27, 2023

Alert Date: Oct 23, 2023 | 332 days ago

Description :

Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.

Required Action :

Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.

Notes :

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

Public PoC/Exploit Available at Github

CVE-2023-20273 has a 13 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-20273 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Cisco	ios_xe
2	Cisco	catalyst_3650
3	Cisco	catalyst_3650-12x48fd-e
4	Cisco	catalyst_3650-12x48fd-l
5	Cisco	catalyst_3650-12x48fd-s
6	Cisco	catalyst_3650-12x48uq
7	Cisco	catalyst_3650-12x48uq-e
8	Cisco	catalyst_3650-12x48uq-l
9	Cisco	catalyst_3650-12x48uq-s
10	Cisco	catalyst_3650-12x48ur
11	Cisco	catalyst_3650-12x48ur-e
12	Cisco	catalyst_3650-12x48ur-l
13	Cisco	catalyst_3650-12x48ur-s
14	Cisco	catalyst_3650-12x48uz
15	Cisco	catalyst_3650-12x48uz-e
16	Cisco	catalyst_3650-12x48uz-l
17	Cisco	catalyst_3650-12x48uz-s
18	Cisco	catalyst_3650-24pd
19	Cisco	catalyst_3650-24pd-e
20	Cisco	catalyst_3650-24pd-l
21	Cisco	catalyst_3650-24pd-s
22	Cisco	catalyst_3650-24pdm
23	Cisco	catalyst_3650-24pdm-e
24	Cisco	catalyst_3650-24pdm-l
25	Cisco	catalyst_3650-24pdm-s
26	Cisco	catalyst_3650-24ps-e
27	Cisco	catalyst_3650-24ps-l
28	Cisco	catalyst_3650-24ps-s
29	Cisco	catalyst_3650-24td-e
30	Cisco	catalyst_3650-24td-l
31	Cisco	catalyst_3650-24td-s
32	Cisco	catalyst_3650-24ts-e
33	Cisco	catalyst_3650-24ts-l
34	Cisco	catalyst_3650-24ts-s
35	Cisco	catalyst_3650-48fd-e
36	Cisco	catalyst_3650-48fd-l
37	Cisco	catalyst_3650-48fd-s
38	Cisco	catalyst_3650-48fq
39	Cisco	catalyst_3650-48fq-e
40	Cisco	catalyst_3650-48fq-l
41	Cisco	catalyst_3650-48fq-s
42	Cisco	catalyst_3650-48fqm
43	Cisco	catalyst_3650-48fqm-e
44	Cisco	catalyst_3650-48fqm-l
45	Cisco	catalyst_3650-48fqm-s
46	Cisco	catalyst_3650-48fs-e
47	Cisco	catalyst_3650-48fs-l
48	Cisco	catalyst_3650-48fs-s
49	Cisco	catalyst_3650-48pd-e
50	Cisco	catalyst_3650-48pd-l
51	Cisco	catalyst_3650-48pd-s
52	Cisco	catalyst_3650-48pq-e
53	Cisco	catalyst_3650-48pq-l
54	Cisco	catalyst_3650-48pq-s
55	Cisco	catalyst_3650-48ps-e
56	Cisco	catalyst_3650-48ps-l
57	Cisco	catalyst_3650-48ps-s
58	Cisco	catalyst_3650-48td-e
59	Cisco	catalyst_3650-48td-l
60	Cisco	catalyst_3650-48td-s
61	Cisco	catalyst_3650-48tq-e
62	Cisco	catalyst_3650-48tq-l
63	Cisco	catalyst_3650-48tq-s
64	Cisco	catalyst_3650-48ts-e
65	Cisco	catalyst_3650-48ts-l
66	Cisco	catalyst_3650-48ts-s
67	Cisco	catalyst_3650-8x24pd-e
68	Cisco	catalyst_3650-8x24pd-l
69	Cisco	catalyst_3650-8x24pd-s
70	Cisco	catalyst_3650-8x24uq
71	Cisco	catalyst_3650-8x24uq-e
72	Cisco	catalyst_3650-8x24uq-l
73	Cisco	catalyst_3650-8x24uq-s
74	Cisco	catalyst_3850
75	Cisco	catalyst_3850-12s-e
76	Cisco	catalyst_3850-12s-s
77	Cisco	catalyst_3850-12x48u
78	Cisco	catalyst_3850-12xs-e
79	Cisco	catalyst_3850-12xs-s
80	Cisco	catalyst_3850-16xs-e
81	Cisco	catalyst_3850-16xs-s
82	Cisco	catalyst_3850-24p-e
83	Cisco	catalyst_3850-24p-l
84	Cisco	catalyst_3850-24p-s
85	Cisco	catalyst_3850-24pw-s
86	Cisco	catalyst_3850-24s-e
87	Cisco	catalyst_3850-24s-s
88	Cisco	catalyst_3850-24t-e
89	Cisco	catalyst_3850-24t-l
90	Cisco	catalyst_3850-24t-s
91	Cisco	catalyst_3850-24u
92	Cisco	catalyst_3850-24u-e
93	Cisco	catalyst_3850-24u-l
94	Cisco	catalyst_3850-24u-s
95	Cisco	catalyst_3850-24xs
96	Cisco	catalyst_3850-24xs-e
97	Cisco	catalyst_3850-24xs-s
98	Cisco	catalyst_3850-24xu
99	Cisco	catalyst_3850-24xu-e
100	Cisco	catalyst_3850-24xu-l
101	Cisco	catalyst_3850-24xu-s
102	Cisco	catalyst_3850-32xs-e
103	Cisco	catalyst_3850-32xs-s
104	Cisco	catalyst_3850-48f-e
105	Cisco	catalyst_3850-48f-l
106	Cisco	catalyst_3850-48f-s
107	Cisco	catalyst_3850-48p-e
108	Cisco	catalyst_3850-48p-l
109	Cisco	catalyst_3850-48p-s
110	Cisco	catalyst_3850-48pw-s
111	Cisco	catalyst_3850-48t-e
112	Cisco	catalyst_3850-48t-l
113	Cisco	catalyst_3850-48t-s
114	Cisco	catalyst_3850-48u
115	Cisco	catalyst_3850-48u-e
116	Cisco	catalyst_3850-48u-l
117	Cisco	catalyst_3850-48u-s
118	Cisco	catalyst_3850-48xs
119	Cisco	catalyst_3850-48xs-e
120	Cisco	catalyst_3850-48xs-f-e
121	Cisco	catalyst_3850-48xs-f-s
122	Cisco	catalyst_3850-48xs-s
123	Cisco	catalyst_3850-nm-2-40g
124	Cisco	catalyst_3850-nm-8-10g

: Total Affected Vendor : 1 | Products : 124

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-20273.

URL	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z	Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

sanan2004/CVE-2023-20198

None

Python

Updated: 3 weeks, 3 days ago

0 stars 0 fork 0 watcher

Born at : Aug. 26, 2024, 8:16 a.m. This repo has been linked 2 different CVEs too.

shikha1149myprojects/LogAnalysis-IncidentResponse

None

Updated: 2 months, 1 week ago

0 stars 0 fork 0 watcher

Born at : June 26, 2024, 5:33 a.m. This repo has been linked 2 different CVEs too.

smokeintheshell/CVE-2023-20273

CVE-2023-20273 Exploit PoC

Python

Updated: 1 month ago

8 stars 3 fork 3 watcher

Born at : Dec. 9, 2023, 7:25 a.m. This repo has been linked 1 different CVEs too.

smokeintheshell/CVE-2023-20198

CVE-2023-20198 Exploit PoC

Python

Updated: 1 month ago

36 stars 6 fork 6 watcher

Born at : Nov. 16, 2023, 4:39 p.m. This repo has been linked 2 different CVEs too.

cadencejames/Check-HttpServerStatus

Checks the status of 'ip http server' and 'ip http secure-server' on Cisco networking devices

PowerShell

Updated: 10 months, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : Nov. 2, 2023, 4:35 p.m. This repo has been linked 2 different CVEs too.

Shadow0ps/CVE-2023-20198-Scanner

This is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273

Python

Updated: 7 months, 1 week ago

29 stars 5 fork 5 watcher

Born at : Oct. 23, 2023, 7:25 p.m. This repo has been linked 2 different CVEs too.

fox-it/cisco-ios-xe-implant-detection

Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)

cisco cisco-ios-xe cve-2023-20198 cve-2023-20273 iocisco pcap suricata badcandy

Python

Updated: 4 months, 1 week ago

37 stars 7 fork 7 watcher

Born at : Oct. 23, 2023, 2:52 p.m. This repo has been linked 3 different CVEs too.

aleff-github/my-flipper-shits

Free and libre source BadUSB payloads for Flipper Zero. [Windows, GNU/Linux, iOS]

flipper-zero flipperzero flipper-badusb flipper-zero-payload hak5 rubberducky badusb duckyscript linux open-source windows free badusb-payloads free-payloads ios iphone

PowerShell Python Shell HTML JavaScript TeX

Updated: 1 week, 4 days ago

1055 stars 70 fork 70 watcher

Born at : Jan. 4, 2023, 10:05 a.m. This repo has been linked 5 different CVEs too.

H4lo/awesome-IoT-security-article

Collect some iot-related security articles, including vulnerability analysis, security conferences and papers, etc.

iot-security

Updated: 1 week, 6 days ago

211 stars 27 fork 27 watcher

Born at : Dec. 6, 2022, 1:11 p.m. This repo has been linked 46 different CVEs too.

f1tao/awesome-iot-security-resource

awesome iot exploit resource

iot security awesome awesome-list firmware hardware-hacking iot-device iot-security embedded exploit vulnerability

Updated: 1 week, 4 days ago

36 stars 4 fork 4 watcher

Born at : Nov. 13, 2022, 11:03 p.m. This repo has been linked 25 different CVEs too.

Ostorlab/KEV

Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.

cisa-kev vulnerability 0day cisa exploits

Updated: 1 week, 5 days ago

516 stars 32 fork 32 watcher

Born at : April 19, 2022, 8:58 a.m. This repo has been linked 1181 different CVEs too.

aleff-github/aleff-github

None

Updated: 2 months, 1 week ago

1 stars 0 fork 0 watcher

Born at : Nov. 16, 2020, 2:26 p.m. This repo has been linked 5 different CVEs too.

nomi-sec/PoC-in-GitHub

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

security cve exploit poc vulnerability

Updated: 1 week, 4 days ago

6375 stars 1107 fork 1107 watcher

Born at : Dec. 8, 2019, 1:03 p.m. This repo has been linked 904 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-20273 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-20273 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Modified Analysis by [email protected]

Jun. 17, 2024

Action Type Old Value New Value

Removed CWE NIST NVD-CWE-noinfo

Added CWE NIST CWE-78
CVE Modified by [email protected]

May. 14, 2024

Action Type Old Value New Value

Action	Type	Old Value	New Value
Removed	CWE	NIST NVD-CWE-noinfo
Added	CWE		NIST CWE-78

CVE Modified by [email protected]

Jan. 25, 2024

Action	Type	Old Value	New Value
Removed	Reference	Cisco Systems, Inc. http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html
Added	CWE		Cisco Systems, Inc. CWE-78

Modified Analysis by [email protected]

Nov. 15, 2023

Action	Type	Old Value	New Value
Changed	Reference Type	http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html No Types Assigned	http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html Exploit, Third Party Advisory, VDB Entry

CVE Modified by [email protected]

Nov. 14, 2023

Action Type Old Value New Value

Added Reference Cisco Systems, Inc. http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html [No types assigned]

Action	Type	Old Value	New Value
Added	Reference		Cisco Systems, Inc. http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html [No types assigned]

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Changed	Description	A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.	A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Initial Analysis by [email protected]

Oct. 31, 2023

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z No Types Assigned	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z Vendor Advisory
Added	CWE		NIST NVD-CWE-noinfo
Added	CPE Configuration		OR cpe:2.3:o:cisco:ios_xe::::::::* versions from (including) 17.3 up to (excluding) 17.3.8a cpe:2.3:o:cisco:ios_xe::::::::* versions from (including) 17.6 up to (excluding) 17.6.6a cpe:2.3:o:cisco:ios_xe::::::::* versions from (including) 17.9 up to (excluding) 17.9.4a
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xe::::::::* versions from (including) 16.12 up to (excluding) 16.12.10a OR cpe:2.3:h:cisco:catalyst_3650:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24td-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24td-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24td-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48td-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48td-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48td-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12s-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12s-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12x48u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24s-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24s-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::* cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-20273 is associated with the following CWEs:

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-20273 weaknesses.

CAPEC-6: Argument Injection Argument Injection CAPEC-15: Command Delimiters Command Delimiters CAPEC-43: Exploiting Multiple Input Interpretation Layers Exploiting Multiple Input Interpretation Layers CAPEC-88: OS Command Injection OS Command Injection CAPEC-108: Command Line Execution through SQL Injection Command Line Execution through SQL Injection

CVE-2023-20273

Cisco IOS XE Web UI Command Injection Vulnerabilit - [Actively Exploited]

Description

INFO

Oct. 25, 2023, 6:17 p.m.

June 17, 2024, 1:29 p.m.

Yes !

5.9

1.2

CISA KEV (Known Exploited Vulnerabilities)

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

3.83 }} -0.62%

0.92072

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable