cisco-sa-sb-wap-multi-ZAfKGXhF: Cisco??Small Business 100, 300, and 500 Series Wireless Access Points Vulnerabilities
First published: Wed May 05 2021(Updated: )
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF
Credit: Shuto Imai LAC CoLtd. for reporting these vulnerabilities.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Products | =WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN<CSCvw59999 CSCvw60000=WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE<CSCvw59995 CSCvw59997=WAP150 Wireless-AC/N Dual Radio Access Point with PoE<CSCvw59995 CSCvw59997=WAP125 Wireless-AC Dual Band Desktop Access Point with PoE<CSCvw59999 CSCvw60000 | CSCvw59999 CSCvw60000 CSCvw59995 CSCvw59997 CSCvw59995 CSCvw59997 CSCvw59999 CSCvw60000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-sb-wap-multi-ZAfKGXhF?
The severity of the vulnerabilities in cisco-sa-sb-wap-multi-ZAfKGXhF is high as they could allow an attacker to obtain sensitive information or inject commands.
How do I fix cisco-sa-sb-wap-multi-ZAfKGXhF?
To fix cisco-sa-sb-wap-multi-ZAfKGXhF, you should apply the recommended firmware update provided by Cisco for the affected access points.
What are the affected devices in cisco-sa-sb-wap-multi-ZAfKGXhF?
Affected devices in cisco-sa-sb-wap-multi-ZAfKGXhF include Cisco Small Business 100, 300, and 500 Series Wireless Access Points.
Can cisco-sa-sb-wap-multi-ZAfKGXhF vulnerabilities be exploited remotely?
Yes, cisco-sa-sb-wap-multi-ZAfKGXhF vulnerabilities can be exploited by an authenticated, remote attacker.
What types of attacks are possible with cisco-sa-sb-wap-multi-ZAfKGXhF?
Potential attacks include unauthorized access to sensitive information and the ability to execute arbitrary commands on the device.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/description
- agent/title
- agent/trending
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco products
- version/cisco products/wap581 wireless-ac dual radio wave 2 access point with 2.5gbe lan
- version/cisco products/wap361 wireless-ac/n dual radio wall plate access point with poe
- version/cisco products/wap150 wireless-ac/n dual radio access point with poe
- version/cisco products/wap125 wireless-ac dual band desktop access point with poe