FlagThis

CyberSecurity updates
Updated: 2024-11-24 03:31:33 Pacfic
cisco.com
Cisco Unified Industrial Wireless Backhaul (URWB) Access Points Vulnerable to Critical Command Injection - 16d
Read more: www.cisco.com

Cisco’s Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul (URWB) Access Points has been found to contain a critical command injection vulnerability. This vulnerability, tracked as CVE-2024-39123, allows unauthenticated attackers to execute commands with root privileges on affected systems. The flaw stems from insufficient validation within the web-based management interface, making it susceptible to malicious HTTP requests. Successful exploitation of this vulnerability could grant attackers complete control over the targeted device, posing significant risks to networked devices and potentially disrupting critical operations. Cisco has released a software update to address the issue, and users are urged to upgrade immediately to mitigate potential impacts.

Original img attribution: https://thecyberexpress.com/wp-content/uploads/Cisco.webp
References:
  • Over Security - This article provides insights into the technical details of the vulnerability and its potential impact on affected devices. - 16d
  • Firewall Daily - This article provides a comprehensive analysis of the critical command injection vulnerability affecting Cisco’s URWB Access Points. - 16d
  • Tilde Lowengrimm (@tilde@infosec.town) - This toot discusses the new feature in iOS 18.1 that automatically reboots iPhones after four days of inactivity and its impact on law enforcement. - 15d
  • 404 Media - This article describes the new feature in iOS 18.1 that automatically reboots iPhones after four days of inactivity and its impact on law enforcement. - 15d
  • @Techmeme - Experts say a new feature in iOS 18.1 causes iPhone to reboot after few days of inactivity, which improves security and has caused concern among law enforcement. - 15d
  • CISO2CISO.COM - Source: sec.cloudapps.cisco.com – Author: . Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability Critical CVE-2024-20418 CWE-7 - 14d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.