Multiple vulnerabilities in Cisco Small Business 100, 300 and 500 Series Wireless Access Points
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 9 |
| CVE-ID | CVE-2021-1547 CVE-2021-1548 CVE-2021-1549 CVE-2021-1550 CVE-2021-1551 CVE-2021-1552 CVE-2021-1553 CVE-2021-1554 CVE-2021-1555 |
| CWE-ID | CWE-77 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE Hardware solutions / Routers & switches, VoIP, GSM, etc WAP131 Wireless-N Dual Radio Access Point with PoE Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE Hardware solutions / Routers & switches, VoIP, GSM, etc WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE Hardware solutions / Routers & switches, VoIP, GSM, etc WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 9 vulnerabilities.
1) Command Injection
EUVDB-ID: #VU53412
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1547
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command Injection
EUVDB-ID: #VU53413
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1548
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Command Injection
EUVDB-ID: #VU53414
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1549
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Command Injection
EUVDB-ID: #VU53415
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1550
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Command Injection
EUVDB-ID: #VU53416
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1551
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Command Injection
EUVDB-ID: #VU53417
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1552
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Command Injection
EUVDB-ID: #VU53418
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1553
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Command Injection
EUVDB-ID: #VU53420
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1554
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Command Injection
EUVDB-ID: #VU53421
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1555
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE: - - 1.0.3.1
WAP131 Wireless-N Dual Radio Access Point with PoE: - - 1.0.2.17
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE: - - 1.1.2.4
WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch: - - 1.0.2.17
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE: - - 1.1.2.4
WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN: - - 1.0.3.1
CPE2.3- cpe:2.3:h:cisco_systems:wap125:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap125:1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap131_wireless-n_dual_radio_access_point_with_poe:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap150:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap351_wireless-n_dual_radio_access_point_with_5-port_switch:1.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_wap361:1.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:wap581_wireless-ac_dual_radio_wave_2_access_point_with_2.5gbe_lan:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-Mp9FSdG
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
