{"schema_version":"public-product-v1.1","generated_at":"2026-06-17T07:52:31Z","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","advisory":{"id":"cisco-sa-20190417-aironet-shell","slug":"cisco-sa-20190417-aironet-shell","vendor":"Cisco","title":"Cisco Aironet Series Access Points Development Shell Access Vulnerability","summary":"A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. The attacker would need valid device credentials. The vulnerability exists because the software improperly validates user-supplied input at the CLI authentication prompt for development shell access. An attacker could exploit this vulnerability by authenticating to the device and entering crafted input at the CLI. A successful exploit could allow the attacker to access the AP development shell without proper authentication, which allows for root access to the underlying Linux OS. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-aironet-shell","severity":"High","published_at":"2019-04-17T16:00:00Z","updated_at":"2019-04-17T16:00:00Z","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-aironet-shell","csaf_url":"https://sec.cloudapps.cisco.com/security/center/contentjson/CiscoSecurityAdvisory/cisco-sa-20190417-aironet-shell/csaf/cisco-sa-20190417-aironet-shell.json","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure."},"freshness":{"last_source_refreshed_at":"2026-05-26T00:00:03Z","latest_source_refresh_at":"2026-05-26T00:00:03Z","oldest_source_refresh_at":"2026-05-22T00:16:33Z","all_sources_fresh":false,"sources":[{"source":"cisco_advisories","label":"Cisco advisories","last_success_at":"2026-05-26T00:00:03Z","stale":true},{"source":"cisco_csaf","label":"Cisco CSAF","last_success_at":"2026-05-25T03:03:26Z","stale":true},{"source":"nvd_cves","label":"NVD CVEs","last_success_at":"2026-05-22T00:16:33Z","stale":true},{"source":"cisa_kev","label":"CISA KEV","last_success_at":"2026-05-22T00:16:34Z","stale":true},{"source":"first_epss","label":"EPSS","last_success_at":"2026-05-22T00:16:40Z","stale":true}]},"summary":{"cve_count":1,"visible_product_count":1,"public_evidence_count":1,"kev_count":0,"highest_epss":0.00205,"highest_cvss":7.8},"cves":[{"id":"CVE-2019-1654","description":"A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. The attacker would need valid device credentials. The vulnerability exists because the software improperly validates user-supplied input at the CLI authentication prompt for development shell access. An attacker could exploit this vulnerability by authenticating to the device and entering crafted input at the CLI. A successful exploit could allow the attacker to access the AP development shell without proper authentication, which allows for root access to the underlying Linux OS. Software versions prior to 8.3.150.0, 8.5.135.0, and 8.8.100.0 are affected.","severity":"HIGH","kev":false,"epss":{"score":0.00205,"percentile":0.42442,"score_date":"2026-05-21","updated_at":"2026-05-22T00:16:39Z"},"cvss_score":7.8,"cvss_source":"NVD","cwe":"CWE-255","published_at":"2019-04-17T22:29:00Z","modified_at":"2024-11-21T04:37:01Z"}],"public_evidence":[{"product":{"name":"Cisco Aironet Access Point Software","slug":"cisco-aironet-access-point-software","vendor":"Cisco"},"cve":{"id":"CVE-2019-1654"},"evidence_type":"structured_affected","evidence_label":{"scope":"CSAF product evidence","label":"product_status known affected"},"evidence_source":"Cisco CSAF","source":"Cisco CSAF","source_document_fetched_at":"2026-05-19T19:54:45Z","csaf_status":"known_affected","csaf_product_status":"known_affected","csaf_product_status_path":"vulnerabilities[].product_status.known_affected","raw_product_name":"Cisco Aironet Access Point Software","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","exposure_verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","kev":false,"epss":{"score":0.00205,"score_date":"2026-05-21","updated_at":"2026-05-22T00:16:39Z"},"cvss_score":7.8,"cvss_source":"NVD","published_at":"2019-04-17T16:00:00Z","updated_at":"2019-04-17T16:00:00Z","advisory_updated_at":"2019-04-17T16:00:00Z","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-aironet-shell","remediation":{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-aironet-shell"},"row_display_order":1}]}