MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2024-20336

CVSS 6.5v3.1pub. 2024-03-06upd. 2025-08-05

A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
  • Cisco Wap121

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap121 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap125

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap125 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap131

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap131 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap150

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap150 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap320

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap320 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap321

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap321 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap351

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap351 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap361

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap361 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap371

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap371 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap571

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap571e

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap571e Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap571 Firmware

    OS
    Cisco
    wszystkie wersje
  • Cisco Wap581

    HW
    Cisco
    wszystkie wersje
  • Cisco Wap581 Firmware

    OS
    Cisco
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2021-1401HIGH8.8ten sam produkt

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 5...

CVE-2021-1400HIGH8.8ten sam produkt

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 5...

CVE-2020-12695HIGH7.5ten sam produkt

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subs...

CVE-2024-20335MEDIUM6.5ten sam produkt

A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireles...

CVE-2024-20287MEDIUM6.5ten sam produkt

A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Poin...