Exploit for Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers - Unauthenticated Arbitrary File Upload (CVE-2023-20073)

Description:

A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device.

Affected Products:

Proof of Concept

PoC exploit

Nuclei Template

View the template here: CVE-2023-20073.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-20073.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-20073
https://unsafe.sh/go-173464.html
https://gist.github.com/win3zz/076742a4e365b1bba7e2ba0ebea9253f
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-afu-EXxwA65V