CVE-2021-1543

Name of the Vulnerable Software and Affected Versions Cisco Small Business 220 Series Smart Switches (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the web-based management interface, which could allow an attacker to hijack a user session, execute arbitrary commands as a root user on the underlying operating system, conduct a cross-site scripting (XSS) attack, or conduct an HTML injection attack. The vulnerability is also associated with a lack of protection for the web page structure, which could enable a remote attacker to perform cross-site scripting attacks using a specially crafted malicious link.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.