Security News > 2024 > November > Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)
2024-11-07 09:28
Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that can be exploited via a HTTP requests and allows complete compromise of the devices. There are no workarounds to address this flaw, though vulnerable access points can be protected by switching off URWB mode, the company shared in the advisory. The good news is that the vulnerability was discovered by a Cisco employee during internal security testing … More → The post Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/07/cve-2024-20418/
Related news
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) (source)
- Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- MITRE warns that funding for critical CVE program expires today (source)
- CISA extends funding to ensure 'no lapse in critical CVE services' (source)