Cisco Bug Could Lead to Command Injection Attacks

Cisco is warning of a bug found in its Unified industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) access points that could allow an unauthenticated remote attacker to release command injection attacks.

An attacker could exploit the vulnerability by sending HTTP requests to the Web-based management interface of an affected system. If successful, the attacker could execute arbitrary commands with root privileges in the affected device's underlying operating system.

The vulnerability exists due to an improper validation of input to the Web-based management interface. It affects the three Cisco wireless access points (APs) if they have the URWB operating mode enabled and are running a vulnerable release: Catalyst IW9165D, Catalyst IW9165E (both APs and clients), and Catalyst IW9167E.

Devices not running URWB operating mode remain unaffected by this vulnerability. To ascertain whether URWB is enabled, users should use the "show mpls-config" CLI command.

"If the command is available, the URWB operating mode is enabled and the device is affected by this vulnerability," Cisco said. "If the command is not available, the URWB operating mode is disabled and the device is not affected by this vulnerability."

Cisco said it's unaware of any public exploitation of the vulnerability and has released a fix for the flaw, but there are no other workarounds to address it.