A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote malicious user to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the malicious user to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco meraki_mr_24_firmware |
||
cisco meraki_mr_25_firmware |
||
cisco meraki_ms_10_firmware |
||
cisco meraki_ms_9_firmware |
||
cisco meraki_mx_15_firmware |
||
cisco meraki_mx_14_firmware |
||
cisco meraki_mx_13_firmware |