Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
CVE-2023-20158

8.6HIGH

Key Information:

Vendor
Cisco
Status
Cisco Small Business Smart And Managed Switches
Vendor
CVE Published:
18 May 2023

Badges

👾 Exploit Exists

Summary

Multiple vulnerabilities within the web-based user interface of specific Cisco Small Business Series Switches allow unauthenticated remote attackers to exploit improper request validation. This exploitation can lead to denial of service (DoS) conditions or the execution of arbitrary code with root privileges. The vulnerabilities arise from the failure to adequately validate incoming requests directed at the device's web interface. For more detailed information, refer to the Cisco advisory detailing these issues.

Affected Version(s)

Cisco Small Business Smart and Managed Switches

References

https://sec.cloudapps.cisco.com/security/center/content/C...
vendor-advisory

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.