| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-20118 | Cisco Small Business RV Series Routers Command Injection Vulnerability | exploitation_technique | T1068 | Exploitation for Privilege Escalation |
Comments
Cisco Small Business Router models RV016, RV042, RV042G, RV082, RV320, and RV325 perform improper validation of HTTP packet user input. An authenticated attacker can craft these requests and send them, leading to arbitrary command execution.
References
|
| CVE-2023-20118 | Cisco Small Business RV Series Routers Command Injection Vulnerability | exploitation_technique | T1078 | Valid Accounts |
Comments
Cisco Small Business Router models RV016, RV042, RV042G, RV082, RV320, and RV325 perform improper validation of HTTP packet user input. An authenticated attacker can craft these requests and send them, leading to arbitrary command execution.
References
|
| CVE-2023-20118 | Cisco Small Business RV Series Routers Command Injection Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
Cisco Small Business Router models RV016, RV042, RV042G, RV082, RV320, and RV325 perform improper validation of HTTP packet user input. An authenticated attacker can craft these requests and send them, leading to arbitrary command execution.
References
|
| CVE-2023-20118 | Cisco Small Business RV Series Routers Command Injection Vulnerability | secondary_impact | T1505.003 | Web Shell |
Comments
Cisco Small Business Router models RV016, RV042, RV042G, RV082, RV320, and RV325 perform improper validation of HTTP packet user input. An authenticated attacker can craft these requests and send them, leading to arbitrary command execution.
References
|