A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
History
05 Aug 2025, 14:39
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Cisco wap571
Cisco wap125 Cisco wap121 Cisco wap581 Cisco wap571 Firmware Cisco wap131 Firmware Cisco wap351 Firmware Cisco wap320 Firmware Cisco wap351 Cisco wap125 Firmware Cisco wap150 Cisco wap361 Cisco wap371 Cisco wap320 Cisco Cisco wap571e Cisco wap571e Firmware Cisco wap321 Cisco wap371 Firmware Cisco wap361 Firmware Cisco wap321 Firmware Cisco wap581 Firmware Cisco wap131 Cisco wap121 Firmware Cisco wap150 Firmware |
|
| References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-85G83CRB - Vendor Advisory | |
| CPE | cpe:2.3:h:cisco:wap320:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap321_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap371:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap150_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap321:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap571e:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap131_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap121:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap371_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap125_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap571:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap581_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap320_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap571e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap361:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap361_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap571_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap125:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap351_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wap121_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:wap581:-:*:*:*:*:*:*:* |
Information
Published : 2024-03-06 17:15
Updated : 2025-08-05 14:39
NVD link : CVE-2024-20336
Mitre link : CVE-2024-20336
CVE.ORG link : CVE-2024-20336
JSON object : View
Products Affected
cisco
- wap571_firmware
- wap320
- wap150
- wap320_firmware
- wap121
- wap321_firmware
- wap131_firmware
- wap361_firmware
- wap581
- wap125_firmware
- wap351
- wap150_firmware
- wap321
- wap351_firmware
- wap371
- wap571e_firmware
- wap125
- wap581_firmware
- wap371_firmware
- wap121_firmware
- wap571
- wap131
- wap361
- wap571e
CWE
CWE-121
Stack-based Buffer Overflow