A vulnerability in the command-line interface (CLI) of the Cisco Aironet 1850 Series Access Point device could allow an authenticated, local attacker to obtain elevated privileges to the restricted shell on the device.

The vulnerability is due to a lack of proper escape protections when validating CLI commands entered at the device prompt. An authenticated attacker could exploit this vulnerability by entering malicious commands at the CLI to obtain access to the restricted shell. An exploit could allow the attacker to obtain root-level privileges on the affected device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-aironet

Leave a Reply