cisco-sa-sb-wap-multi-85G83CRB

Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection and Buffer Overflow Vulnerabilities

cisco-sa-sb-wap-multi-85G83CRB · Medium · Published 2 years ago · Updated 2 years ago

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless Access Points (APs) could allow an authenticated, remote attacker to perform command injection and buffer overflow attacks against an affected device. In order to exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. For more information about these vulnerabilities, see the Details section of this advisory. There are no workarounds that address these vulnerabilities.  This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-85G83CRB

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEs	CVE-2024-20335, CVE-2024-20336
Cisco Bug IDs	CSCwi78277, CSCwi83948, CSCwi78254, CSCwi78271, CSCwi83951, CSCwi83952, CSCwi83953, CSCwi83957
CVSS Score	Base 6.5 Base 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source	Cisco Business Wireless Access Point Software

Related Products

Product	CVE	Evidence

Vulnslist

find the latest Cisco vulnerabilities

Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection and Buffer Overflow Vulnerabilities

Workarounds

Related Products