A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
History
No history.
Information
Published : 2021-03-24 21:15
Updated : 2024-02-28 18:08
NVD link : CVE-2021-1423
Mitre link : CVE-2021-1423
CVE.ORG link : CVE-2021-1423
JSON object : View
Products Affected
cisco
- catalyst_9800_firmware
- aironet_3800
- aironet_1540
- esw6300
- aironet_1560
- wireless_lan_controller_software
- catalyst_9100
- aironet_4800
- aironet_1800
- catalyst_9800
- aironet_access_point_software
- catalyst_iw6300
- 1100_integrated_services_router
- aironet_2800
CWE
CWE-668
Exposure of Resource to Wrong Sphere