Lucene search
PRIOn knowledge basePRION:CVE-2024-20287HistoryJan 17, 2024 - 5:15 p.m.
Command injection
2024-01-1717:15:00
PRIOn knowledge base
www.prio-n.com
3
cisco wap371
command injection
web-based management
remote attack
user input validation
http requests
root privileges
administrative credentials
nvd
A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit this vulnerability, the attacker must have valid administrative credentials for the device.
Related
cvelist
cvelist
CVE-2024-20287
2024-01-17 16:58:01
nessus
nessus
cve
cve
CVE-2024-20287
2024-01-17 17:15:12
cisco
cisco
Cisco WAP371 Wireless Access Point Command Injection Vulnerability
2024-01-10 16:00:00
nvd
nvd
CVE-2024-20287
2024-01-17 17:15:12
thn
thn
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
2024-01-11 04:55:00