目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2023-20198 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
未保护的候选通道
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Cisco IOS XE Software 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Cisco IOS XE Software是美国思科(Cisco)公司的一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在安全漏洞,该漏洞源于允许未经身份验证的远程攻击者在受影响的系统上创建具有特权的帐户。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
CiscoCisco IOS XE Software 16.1.1 -
二、漏洞 CVE-2023-20198 的公开POC
#POC 描述源链接神龙链接
1Nonehttps://github.com/raystr-atearedteam/CVE-2023-20198-checkerPOC详情
2CVE-2023-20198 Checkscripthttps://github.com/Atea-Redteam/CVE-2023-20198POC详情
3cisco-CVE-2023-20198-tester https://github.com/securityphoenix/cisco-CVE-2023-20198-testerPOC详情
4Nonehttps://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198POC详情
5CVE-2023-20198 & 0Day Implant Scannerhttps://github.com/ZephrFish/CVE-2023-20198-CheckerPOC详情
6Checker for CVE-2023-20198 , Not a full POC Just checks the implementation and detects if hex is in response or nothttps://github.com/JoyGhoshs/CVE-2023-20198POC详情
7CVE-2023-20198 PoC (!)https://github.com/Tounsi007/CVE-2023-20198POC详情
8This script can identify if Cisco IOS XE devices are vulnerable to CVE-2023-20198https://github.com/alekos3/CVE_2023_20198_DetectorPOC详情
9Ansible Playbook for CVE-2023-20198https://github.com/ditekshen/ansible-cve-2023-20198POC详情
10Nonehttps://github.com/reket99/Cisco_CVE-2023-20198POC详情
111vere$k POC on the CVE-2023-20198https://github.com/iveresk/cve-2023-20198POC详情
12CISCO CVE POC SCRIPThttps://github.com/sohaibeb/CVE-2023-20198POC详情
13Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)https://github.com/fox-it/cisco-ios-xe-implant-detectionPOC详情
14A PoC for CVE 2023-20198https://github.com/Pushkarup/CVE-2023-20198POC详情
15This is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273https://github.com/Shadow0ps/CVE-2023-20198-ScannerPOC详情
16Check a target IP for CVE-2023-20198https://github.com/kacem-expereo/CVE-2023-20198POC详情
17Nonehttps://github.com/mr-r3b00t/CVE-2023-20198-IOS-XE-ScannerPOC详情
18Nonehttps://github.com/ohlawd/CVE-2023-20198POC详情
19Nonehttps://github.com/IceBreakerCode/CVE-2023-20198POC详情
20An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers https://github.com/sanjai-AK47/CVE-2023-20198POC详情
21CVE-2023-20198 Exploit PoChttps://github.com/smokeintheshell/CVE-2023-20198POC详情
22Check for and remediate conditions that make an IOS-XE device vulnerable to CVE-2023-20198https://github.com/netbell/CVE-2023-20198-FixPOC详情
23Cisco CVE-2023-20198https://github.com/Vulnmachines/Cisco_CVE-2023-20198POC详情
24An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers https://github.com/RevoltSecurities/CVE-2023-20198POC详情
25CVE-2023-20198-RCE, support adding/deleting users and executing cli commands/system commands.https://github.com/W01fh4cker/CVE-2023-20198-RCEPOC详情
26Nonehttps://github.com/sanan2004/CVE-2023-20198POC详情
27🚨 Just completed a detailed investigation for Event ID 193: "SOC231 - Cisco IOS XE Web UI ZeroDay (CVE-2023-20198)" via @LetsDefend.io. The attacker successfully bypassed authentication, gaining admin control over the device! Immediate containment was critical. Stay vigilant! 💻🔐https://github.com/AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-POC详情
28CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞,允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户,从而完全控制设备。https://github.com/XiaomingX/CVE-2023-20198-pocPOC详情
29CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞,允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户,从而完全控制设备。https://github.com/XiaomingX/cve-2023-20198-pocPOC详情
30A go-exploit to scan for implanted Cisco IOS XE Systems cve-2023-20198, go-exploithttps://github.com/unsightlyabol/cisco-ios-xe-implant-scannerPOC详情
31Exploit PoC for CVE-2023-20198https://github.com/G4sul1n/Cisco-IOS-XE-CVE-2023-20198POC详情
32Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system. For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory. Cisco will provide updates on the status of this investigation and when a software patch is available. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-20198.yamlPOC详情
33Nonehttps://github.com/Arshit01/CVE-2023-20198POC详情
34A cybersecurity case study analysing CVE-2023-20198 in Cisco IOS XE, covering vulnerability exploitation, mitigation strategies, secure software development frameworks, and patch management policies, with practical insights from a controlled lab environmenthttps://github.com/Religan/CVE-2023-20198POC详情
35CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞,允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户,从而完全控制设备。https://github.com/djayaGit/cve-2023-20198-poc-ciscoPOC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2023-20198 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: Cisco IOS XE Software
Same vendor: Cisco
Same weakness: CWE-420
V. Comments for CVE-2023-20198

暂无评论

发表评论