Cisco IOS XE - Remote Code Execution (CVE-2023-20198, CVE-2023-20273)

Cisco IOS XE is vulnerable to CVE-2023-20273, a Remote Code Execution vulnerability. The root cause of this vulnerability is an improper input validation in the Web UI interface which allows an authenticated attacker to inject commands with the privileges of root on an affected system.

思科IOS XE系统存在CVE-2023-20273安全漏洞，该漏洞属于远程代码执行类型。该漏洞的根本原因在于Web用户界面接口中输入验证不当，使得经过身份验证的攻击者能够在受影响的系统上注入具有root权限的命令。