CVE-2019-1829 is a vulnerability in Cisco Aironet Access Point Software
Published on April 18, 2019
Cisco Aironet Series Access Points Command Injection Vulnerability
A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due to improper validation of user-supplied input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input for a CLI command. A successful exploit could allow the attacker to obtain access to the underlying Linux OS without proper authentication.
Weakness Type
Configuration
Weaknesses in this category are typically introduced during the configuration of the software.
Products Associated with CVE-2019-1829
Want to know whenever a new CVE is published for Cisco Aironet Access Point Software? stack.watch will email you.
Affected Versions
Cisco Aironet Access Point Software Version 8.5(131.0) is affected by CVE-2019-1829Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.