Cisco Aironet Access Points Command Injection Vulnerability (CVE-2016-1418)
Cisco Aironet Access Points Command Injection Vulnerability (CVE-2016-1418)
Release date:
Updated on:
Affected Systems:
Cisco Aironet Access Point Software Release 8.2 (100.0)
Description:
CVE (CAN) ID: CVE-2016-1418
Cisco Aironet 1800/2800/3800 Series Access Point is a product for Small and Medium wireless network Access points.
The command line interpreter for Cisco Aironet 1800/2800/3800 Series Access Point has a security vulnerability. Local attackers can exploit this vulnerability to inject commands in Linux shell and execute these commands as root.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap
*>
Suggestion:
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20160606-aap) and patches for this:
Cisco-sa-20160606-aap: Cisco Aironet Access Points Command-Line Interpreter Linux Shell Command Injection Vulnerability
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap
This article permanently updates the link address: