Cisco Aironet Access Points 命令注入漏洞(CVE-2016-1418)
Cisco Aironet Access Points 命令注入漏洞(CVE-2016-1418)
Cisco Aironet Access Points 命令注入漏洞(CVE-2016-1418)
发布日期:2016-06-05
更新日期:2016-06-07
受影响系统:
Cisco Aironet Access Point Software Release 8.2(100.0)
描述:
CVE(CAN) ID: CVE-2016-1418
Cisco Aironet 1800/2800/3800 Series Access Point是中小型无线网络接入点产品。
Cisco Aironet 1800/2800/3800 Series Access Point的命令行解释程序存在安全漏洞。本地攻击者利用此漏洞可在Linux shell中注入命令,然后以root权限执行这些命令。
<*来源:Cisco
链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap
*>
建议:
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20160606-aap)以及相应补丁:
cisco-sa-20160606-aap:Cisco Aironet Access Points Command-Line Interpreter Linux Shell Command Injection Vulnerability
链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap
本文永久更新链接地址:
评论暂时关闭