← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-20118 — Actively Exploited: Small Business RV Series Routers (Cisco)

Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.

CVE IDCVE-2023-20118
VendorCisco
ProductSmall Business RV Series Routers
Vulnerability nameCisco Small Business RV Series Routers Command Injection Vulnerability
Date added2025-03-03
Remediation due2025-03-24
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionMultiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →