Cisco Access Point Software command execution | CVE-2023-20097
NAME
__________
Cisco Access Point Software command execution
Platforms Affected:
Cisco Aironet 1540 Series APs
Cisco Aironet 1560 Series APs
Cisco Aironet 1800 Series APs
Cisco Aironet 2800 Series APs
Cisco Aironet 3800 Series APs
Cisco Aironet 4800 APs
Cisco Catalyst 9100 APs
Cisco Integrated AP on 1100 Integrated Services Routers
Cisco 6300 Series Embedded Services APs (ESW6300)
Cisco Catalyst IW6300 Heavy Duty Series APs
Cisco Catalyst IW9165 Heavy Duty Series
Cisco Catalyst IW9165 Rugged Series
Cisco Catalyst IW9167 Heavy Duty Series
Risk Level:
4.6
Exploitability:
Unproven
Consequences:
Gain Access
DESCRIPTION
__________
Cisco Access Point Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper input validation of commands. By sending a command with specially crafted arguments, an attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the system.
CVSS 3.0 Information
__________
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Access Vector:
Local
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
