漏洞类别:General remote services
漏洞等级: 
漏洞信息
A vulnerability in the command-line interface (CLI) processor of the Cisco Wireless LAN Controller (WLC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges on the underlying operating system.
The vulnerability is due to insufficient input validation.
漏洞危害
An attacker could exploit this vulnerability by authenticating to the device and submitting crafted commands through the CLI. An exploit could allow the attacker to read, write, and overwrite any file on the system or execute arbitrary code.
解决方案
Customers are advised to refer to Cisco Security Advisory Cisco-SA-20150625-CVE-2015-4224 for details pertaining to remediating this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论