A critical vulnerability in Cisco Catalyst 9800 wireless controllers could allow attackers to gain remote root access by exploiting a hard-coded JSON Web Token (JWT) in the Out-of-Band AP Image Download feature, which is disabled by default.
Administrators should verify if this feature is enabled and disable it as a temporary mitigation. Cisco has released patches to fully remediate the issue, and Raxis strongly recommends updating to the latest software version as soon as possible.
The Raxis team is reaching out to all Raxis Attack customers who may be affected.
View the Cisco Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
Scottie Cole
About The Exploit
The Exploit is written by Raxis penetration testers. Every post is a technical writeup from someone who runs engagements for a living, with code, command output, and the reasoning behind each step. Topics include exploit research, vulnerability disclosure, tool development, and the offensive techniques showing up in current client work.
Search The Exploit Blog
Raxis Discovered Vulnerabilities
View the CVEs and bugs that Raxis pentesters have uncovered and submitted.
Work With the Pentesters Who Wrote This Blog
The engineers behind these posts run real engagements every week. Put them on your network, web apps, APIs, or cloud and see what an attacker would find first.
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis Discovered Vulnerabilities
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless
