Cisco Business Wireless Access Point Software vulnerabilities

CVE-2024-20271 [HIGH] CWE-20 CVE-2024-20271: A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unaut A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 pac

CVE-2024-20265 [MEDIUM] CWE-501 CVE-2024-20265: A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticat A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical cons

CVE-2024-20335 [MEDIUM] CWE-78 CVE-2024-20335: A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Seri A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerab

CVE-2024-20336 [MEDIUM] CWE-121 CVE-2024-20336: A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wir A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability i

CVE-2024-20287 [MEDIUM] CWE-88 CVE-2024-20287: A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio A A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit t

CVE-2023-20268 [MEDIUM] CWE-400 CVE-2023-20268: A vulnerability in the packet processing functionality of Cisco access point (AP) software could all A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a s

CVE-2023-20003 [MEDIUM] CWE-288 CVE-2023-20003: A vulnerability in the social login configuration option for the guest users of Cisco Business Wirel A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attemptin

CVE-2021-1553 [MEDIUM] CWE-77 CVE-2021-1553: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1547 [MEDIUM] CWE-77 CVE-2021-1547: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1550 [MEDIUM] CWE-77 CVE-2021-1550: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1548 [MEDIUM] CWE-77 CVE-2021-1548: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1549 [MEDIUM] CWE-77 CVE-2021-1549: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1554 [MEDIUM] CWE-77 CVE-2021-1554: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1551 [MEDIUM] CWE-77 CVE-2021-1551: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1555 [MEDIUM] CWE-77 CVE-2021-1555: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1552 [MEDIUM] CWE-77 CVE-2021-1552: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploi

CVE-2021-1401 [HIGH] CWE-269 CVE-2021-1401: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of t

CVE-2021-1400 [HIGH] CWE-269 CVE-2021-1400: Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of t