Matthew Street

**Name of the Vulnerable Software and Affected Versions** Cisco access points (AP) software (affected versions not specified) **Description** A vulnerability in Cisco access points software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This issue is due to improper input validation of commands issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this by issuing a command with crafted arguments, potentially gaining full root access on the AP. **Recommendations** For all affected versions, consider restricting access to the CLI of the controller to minimize the risk of exploitation. As a temporary workaround, limiting the ability to issue commands with crafted arguments from the wireless controller to the AP could help mitigate the risk until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco access point (AP) software (affected versions not specified) **Description** A vulnerability in the management CLI of Cisco access point software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to insufficient input validation of commands supplied by the user. An attacker could exploit this by authenticating to a device and submitting crafted input to the affected command, potentially causing the device to reload spontaneously. **Recommendations** For all affected versions, consider restricting access to the management CLI to minimize the risk of exploitation. As a temporary workaround, avoid using commands that may trigger the vulnerability until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.