Published: 23/03/2023 Updated: 07/11/2023

CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8

VMScore: 0

Subscribe to Wireless Lan Controller Software

A vulnerability in Cisco access points (AP) software could allow an authenticated, local malicious user to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the malicious user to gain full root access on the AP.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco wireless_lan_controller_software
cisco aironet_access_point_software
cisco ios xe

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP An attacker with Administrator access to the CLI of the controll ...

CWE-77 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 https://nvd.nist.gov https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-20097

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect