Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-20209. PoCs published by peter5he1by.
AI-analyzed exploit summary This PoC exploits CVE-2023-20209, a post-authentication command injection vulnerability in Cisco Expressway's CRL updater functionality. It leverages a reverse shell payload injected via the distribution_points parameter after authenticating as an administrator.
Description
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges.
Exploits (1)
This PoC exploits CVE-2023-20209, a post-authentication command injection vulnerability in Cisco Expressway's CRL updater functionality. It leverages a reverse shell payload injected via the distribution_points parameter after authenticating as an administrator.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N