CVE-2021-1423

Name of the Vulnerable Software and Affected Versions Cisco Aironet Access Points (affected versions not specified)

Description The issue is related to insufficient input validation for a specific command in the implementation of a CLI command, which could allow an authenticated, local attacker to overwrite files in the flash memory of the device. An attacker could exploit this by issuing a command with crafted arguments, potentially allowing them to overwrite or create files with data already present in other files hosted on the affected device.

Recommendations For Cisco Aironet Access Points, consider restricting access to the vulnerable CLI command until a patch is available. As a temporary workaround, avoid using crafted arguments with specific commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.