A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00135.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Cisco Cisco Business Wireless Access Point Software affected
Version Status Constraints
1.0.0.13 affected
1.0.0.16 affected
1.0.0.3 affected
1.0.0.4 affected
1.0.0.5 affected
1.0.0.7 affected
1.0.1.2 affected
1.0.1.3 affected
1.0.1.5 affected
1.0.1.6 affected
1.0.1.7 affected
1.0.2.0 affected
1.0.3.1 affected
1.0.4.4 affected
1.0.4.3 affected
1.0.1.10 affected
1.0.5.0 affected
1.0.0.10 affected
1.0.0.12 affected
1.0.0.14 affected
1.0.0.15 affected
1.0.0.17 affected
1.0.0.9 affected
1.0.1.11 affected
1.0.1.12 affected
1.0.1.9 affected
1.0.2.6 affected
1.1.0.5 affected
1.1.0.7 affected
1.1.0.9 affected
1.1.1.0 affected
1.1.2.4 affected
1.1.4.6 affected
1.1.3.2 affected
1.1.4.0 affected
1.1.0.3 affected
1.1.0.4 affected
1.1.0.6 affected
1.1.2.3 affected
1.2.0.2 affected
1.2.0.3 affected
1.2.1.3 affected
1.3.0.3 affected
1.3.0.4 affected
1.3.0.6 affected
1.3.0.7 affected

Configuration 1 [-]

AND
cpe:2.3:o:cisco:wap121_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap121:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:cisco:wap125_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap125:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:cisco:wap131_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:cisco:wap150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:cisco:wap320_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap320:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:cisco:wap321_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap321:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:cisco:wap351_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:cisco:wap361_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap361:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:cisco:wap571_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap571:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:cisco:wap371_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap371:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:cisco:wap571e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap571e:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:cisco:wap581_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap581:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Cisco Subscribe
Business Wireless Access Point Software Subscribe

Project Subscriptions

Vendors Products
Cisco Subscribe
Business Wireless Access Point Software Subscribe
Wap121 Subscribe
Wap121 Firmware Subscribe
Wap125 Subscribe
Wap125 Firmware Subscribe
Wap131 Subscribe
Wap131 Firmware Subscribe
Wap150 Subscribe
Wap150 Firmware Subscribe
Wap320 Subscribe
Wap320 Firmware Subscribe
Wap321 Subscribe
Wap321 Firmware Subscribe
Wap351 Subscribe
Wap351 Firmware Subscribe
Wap361 Subscribe
Wap361 Firmware Subscribe
Wap371 Subscribe
Wap371 Firmware Subscribe
Wap571 Subscribe
Wap571 Firmware Subscribe
Wap571e Subscribe
Wap571e Firmware Subscribe
Wap581 Subscribe
Wap581 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2024-18050 A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-85G83CRB cve-icon cve-icon cve-icon
History

Tue, 05 Aug 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Cisco wap121
Cisco wap121 Firmware
Cisco wap125
Cisco wap125 Firmware
Cisco wap131
Cisco wap131 Firmware
Cisco wap150
Cisco wap150 Firmware
Cisco wap320
Cisco wap320 Firmware
Cisco wap321
Cisco wap321 Firmware
Cisco wap351
Cisco wap351 Firmware
Cisco wap361
Cisco wap361 Firmware
Cisco wap371
Cisco wap371 Firmware
Cisco wap571
Cisco wap571 Firmware
Cisco wap571e
Cisco wap571e Firmware
Cisco wap581
Cisco wap581 Firmware
CPEs cpe:2.3:h:cisco:wap121:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap125:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap320:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap321:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap361:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap371:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap571:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap571e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap581:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap121_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap125_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap131_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap320_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap321_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap351_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap361_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap371_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap571_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap571e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:wap581_firmware:-:*:*:*:*:*:*:*
Vendors & Products Cisco wap121
Cisco wap121 Firmware
Cisco wap125
Cisco wap125 Firmware
Cisco wap131
Cisco wap131 Firmware
Cisco wap150
Cisco wap150 Firmware
Cisco wap320
Cisco wap320 Firmware
Cisco wap321
Cisco wap321 Firmware
Cisco wap351
Cisco wap351 Firmware
Cisco wap361
Cisco wap361 Firmware
Cisco wap371
Cisco wap371 Firmware
Cisco wap571
Cisco wap571 Firmware
Cisco wap571e
Cisco wap571e Firmware
Cisco wap581
Cisco wap581 Firmware

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-08-01T21:59:41.400Z

Reserved: 2023-11-08T15:08:07.642Z

Link: CVE-2024-20335

cve-icon Vulnrichment

Updated: 2024-08-01T21:59:41.400Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-06T17:15:09.193

Modified: 2025-08-05T14:38:47.253

Link: CVE-2024-20335

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-13T11:15:11Z

Weaknesses