Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Access Point Software Command Injection Vulnerability
Vulnerability Description
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Cisco Access Point 命令注入漏洞
Vulnerability Description
Cisco Access Point是美国思科(Cisco)公司的一款网络接入点设备。为小型办公室提供高密度无线连接。 Cisco Access Point 存在安全漏洞,该漏洞源于对从无线控制器向 AP 发出的命令的不正确输入验证。
CVSS Information
N/A
Vulnerability Type
N/A