A critical vulnerability in Cisco Catalyst 9800 wireless controllers could allow attackers to gain remote root access by exploiting a hard-coded JSON Web Token (JWT) in the Out-of-Band AP Image Download feature, which is disabled by default.
Administrators should verify if this feature is enabled and disable it as a temporary mitigation. Cisco has released patches to fully remediate the issue, and Raxis strongly recommends updating to the latest software version as soon as possible.
The Raxis team is reaching out to all Raxis Attack customers who may be affected.
View the Cisco Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
