Multiple vulnerabilities in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless Access Points (APs) could allow an authenticated, remote attacker to perform command injection and buffer overflow attacks against an affected device. In order to exploit these vulnerabilities, the attacker must have valid administrative credentials for the device.
For more information about these vulnerabilities, see the Details section of this advisory.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-85G83CRB
Security Impact Rating: Medium
CVE: CVE-2024-20335,CVE-2024-20336
Source:: Cisco Security Advisories