漏洞标题
Cisco Aironet系列接入点命令注入漏洞
漏洞描述信息
Cisco Aironet系列访问点命令注入漏洞
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Cisco Aironet Series Access Points Command Injection Vulnerability
漏洞描述信息
A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due to improper validation of user-supplied input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input for a CLI command. A successful exploit could allow the attacker to obtain access to the underlying Linux OS without proper authentication.
CVSS信息
N/A
漏洞类别
配置
漏洞标题
多款Cisco产品操作系统命令注入漏洞
漏洞描述信息
Cisco Aironet 1540 Series APs等都是美国思科(Cisco)公司的产品。Cisco Aironet 1540 Series APs是一款1540系列访问接入点产品。Cisco Aironet 1560 Series APs是一款1560系列访问接入点产品。Cisco Aironet 1800 Series APs是一款1800系列访问接入点产品。 多款Cisco产品中的CLI存在配置错误漏洞,该漏洞源于网络系统或组件的使用过程中存在不合理的文件配置、参数配置等。以下产品受到影响:
CVSS信息
N/A
漏洞类别
授权问题