# N/A
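## Vulnerability overview
Cisco is updating its ongoing investigation into exploitation of the web UI feature in Cisco IOS XE Software. This update includes the list of fixed releases and adds the software checker. The attacker first exploited CVE-2023-20198 to gain initial access and used that access to create a local user and password combination, then exploited another component of the web UI feature to elevate privileges to root and write malicious code to the file system.
## Affected versions
Cisco IOS XE Software (see the fixed-release list for specific versions)
## Details
1. The attacker first exploits CVE-2023-20198 to gain initial access and create a local user and password combination.
2. The attacker uses the created local user account to elevate privileges to root and write malicious code to the file system.
## Impact
- **CVE-2023-20198**: CVSS score 10.0; exploiting this vulnerability gives control of the system.
- **CVE-2023-20273**: CVSS score 7.2; exploiting this vulnerability allows privilege escalation and persistence of malicious code.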
| # | POC description | Source link | Shenlong link |
|---|---|---|---|
| 1 | None | https://github.com/raystr-atearedteam/CVE-2023-20198-checker | POC details |
| 2 | CVE-2023-20198 Checkscript | https://github.com/Atea-Redteam/CVE-2023-20198 | POC details |
| 3 | cisco-CVE-2023-20198-tester | https://github.com/securityphoenix/cisco-CVE-2023-20198-tester | POC details |
| 4 | None | https://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198 | POC details |
| 5 | CVE-2023-20198 & 0Day Implant Scanner | https://github.com/ZephrFish/CVE-2023-20198-Checker | POC details |
| 6 | Checker for CVE-2023-20198 , Not a full POC Just checks the implementation and detects if hex is in response or not | https://github.com/JoyGhoshs/CVE-2023-20198 | POC details |
| 7 | CVE-2023-20198 PoC (!) | https://github.com/Tounsi007/CVE-2023-20198 | POC details |
| 8 | This script can identify if Cisco IOS XE devices are vulnerable to CVE-2023-20198 | https://github.com/alekos3/CVE_2023_20198_Detector | POC details |
| 9 | Ansible Playbook for CVE-2023-20198 | https://github.com/ditekshen/ansible-cve-2023-20198 | POC details |
| 10 | None | https://github.com/reket99/Cisco_CVE-2023-20198 | POC details |
| 11 | 1vere$k POC on the CVE-2023-20198 | https://github.com/iveresk/cve-2023-20198 | POC details |
| 12 | CISCO CVE POC SCRIPT | https://github.com/sohaibeb/CVE-2023-20198 | POC details |
| 13 | Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273) | https://github.com/fox-it/cisco-ios-xe-implant-detection | POC details |
| 14 | A PoC for CVE 2023-20198 | https://github.com/Pushkarup/CVE-2023-20198 | POC details |
| 15 | This is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273 | https://github.com/Shadow0ps/CVE-2023-20198-Scanner | POC details |
| 16 | Check a target IP for CVE-2023-20198 | https://github.com/kacem-expereo/CVE-2023-20198 | POC details |
| 17 | None | https://github.com/mr-r3b00t/CVE-2023-20198-IOS-XE-Scanner | POC details |
| 18 | None | https://github.com/ohlawd/CVE-2023-20198 | POC details |
| 19 | None | https://github.com/IceBreakerCode/CVE-2023-20198 | POC details |
| 20 | An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers | https://github.com/sanjai-AK47/CVE-2023-20198 | POC details |
| 21 | CVE-2023-20198 Exploit PoC | https://github.com/smokeintheshell/CVE-2023-20198 | POC details |
| 22 | Check for and remediate conditions that make an IOS-XE device vulnerable to CVE-2023-20198 | https://github.com/netbell/CVE-2023-20198-Fix | POC details |
| 23 | Cisco CVE-2023-20198 | https://github.com/Vulnmachines/Cisco_CVE-2023-20198 | POC details |
| 24 | An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers | https://github.com/RevoltSecurities/CVE-2023-20198 | POC details |
| 25 | CVE-2023-20198-RCE, support adding/deleting users and executing cli commands/system commands. | https://github.com/W01fh4cker/CVE-2023-20198-RCE | POC details |
| 26 | None | https://github.com/sanan2004/CVE-2023-20198 | POC details |
| 27 | 🚨 Just completed a detailed investigation for Event ID 193: "SOC231 - Cisco IOS XE Web UI ZeroDay (CVE-2023-20198)" via @LetsDefend.io. The attacker successfully bypassed authentication, gaining admin control over the device! Immediate containment was critical. Stay vigilant! 💻🔐 | https://github.com/AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198- | POC details |
| 28 | CVE-2023-20198 is a critical vulnerability in the Web UI feature of Cisco IOS XE Software that allows an unauthenticated remote attacker to create an account with privilege level 15 on an affected system, thereby taking full control of the device. | https://github.com/XiaomingX/CVE-2023-20198-poc | POC details |
| 29 | CVE-2023-20198 is a critical vulnerability in the Web UI feature of Cisco IOS XE Software that allows an unauthenticated remote attacker to create an account with privilege level 15 on an affected system, thereby taking full control of the device. | https://github.com/XiaomingX/cve-2023-20198-poc | POC details |
| 30 | A go-exploit to scan for implanted Cisco IOS XE Systems cve-2023-20198, go-exploit | https://github.com/unsightlyabol/cisco-ios-xe-implant-scanner | POC details |
| 31 | Exploit PoC for CVE-2023-20198 | https://github.com/G4sul1n/Cisco-IOS-XE-CVE-2023-20198 | POC details |
| 32 | Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system. For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory. Cisco will provide updates on the status of this investigation and when a software patch is available. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-20198.yaml | POC details |
| 33 | None | https://github.com/Arshit01/CVE-2023-20198 | POC details |