Cisco has addressed a critical vulnerability that could allow attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points.
Ultra-Reliable Wireless Backhaul (URWB) is a highly reliable wireless backhaul technology that is commonly used to connect network components, especially in 5G mobile networks and industrial networks.
The vulnerability, identified as CVE-2024-20418, exists in the web-based management interface of Cisco's Unified Industrial Wireless Software. Notably, unauthenticated attackers can exploit this vulnerability to perform low-sophistication command injection attacks without requiring user interaction.
Cisco added that the vulnerability stems from the failure to properly validate input to the web-based management interface. An attacker can exploit it by sending specially crafted HTTP requests to this interface on the affected system.
CVE-2024-20418 affects Catalyst IW9165D Heavy Duty Access Points, Catalyst IW9165E Harsh Environment Access Points, and Catalyst IW9167E Heavy Duty Access Points, provided they are running vulnerable firmware and have URWB mode enabled. There
is currently no public proof-of-concept (PoC) exploit code or indication that this has been exploited in attacks.
Administrators can determine whether URWB mode is enabled by checking if the "show mpls-config" command in the command-line interface (CLI) is available. If this command is not available, URWB is disabled and the device is not affected by this vulnerability.
No comments: