CVE-2021-1423: Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability
First published: Wed Mar 24 2021(Updated: )
A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Access Point Software | ||
| Cisco 1100 Integrated Services Router | ||
| Cisco Aironet 1540 | ||
| Cisco Aironet 1560 | ||
| Cisco Aironet 1800 | ||
| Cisco Aironet 2800 | ||
| Cisco Aironet 3800 | ||
| Cisco Aironet 4800 | ||
| Cisco Catalyst 9100 | ||
| Cisco Catalyst Iw6300 | ||
| Cisco Esw6300 | ||
| Cisco Catalyst 9800 Firmware | <16.12.5 | |
| Cisco Catalyst 9800 Firmware | >=17.1<=17.2 | |
| Cisco Catalyst 9800 Series Routers | ||
| Cisco Wireless LAN Controller Software | <8.5.171.0 | |
| Cisco Wireless LAN Controller Software | >=8.6<8.10.130.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-1423?
CVE-2021-1423 is a vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) that could allow an authenticated, local attacker to overwrite files in the device's flash memory.
How severe is CVE-2021-1423?
CVE-2021-1423 has a severity value of 4.4 (medium).
Which software products are affected by CVE-2021-1423?
Cisco Aironet Access Point Software and Cisco Wireless LAN Controller Software are affected by CVE-2021-1423.
How can an attacker exploit CVE-2021-1423?
An attacker can exploit CVE-2021-1423 by exploiting insufficient input validation for a specific command in the CLI of the affected Cisco devices.
Where can I find more information about CVE-2021-1423?
You can find more information about CVE-2021-1423 in the Cisco Security Advisory at the following link: [Cisco Security Advisory](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb)
- agent/type
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/title
- agent/severity
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco access point software
- canonical/cisco 1100 integrated services router
- canonical/cisco aironet 1540
- canonical/cisco aironet 1560
- canonical/cisco aironet 1800
- canonical/cisco aironet 2800
- canonical/cisco aironet 3800
- canonical/cisco aironet 4800
- canonical/cisco catalyst 9100
- canonical/cisco catalyst iw6300
- canonical/cisco esw6300
- canonical/cisco catalyst 9800 firmware
- version/cisco catalyst 9800 firmware/17.1
- version/cisco catalyst 9800 firmware/17.2
- canonical/cisco catalyst 9800 series routers
- canonical/cisco wireless lan controller software
- version/cisco wireless lan controller software/8.6