Details of VAR-202403-1815

ID

VAR-202403-1815

CVE

CVE-2024-20336

TITLE

Stack-based buffer overflow vulnerability in multiple Cisco Systems products

Trust: 0.8

sources: JVNDB: JVNDB-2024-026853

DESCRIPTION

A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. Cisco WAP121 firmware, Cisco WAP125 firmware, Cisco WAP131 Multiple Cisco Systems products, including firmware, contain a stack-based buffer overflow vulnerability.Information may be obtained and information may be tampered with. Cisco Small Business is a switch of Cisco

Trust: 2.16

sources: NVD: CVE-2024-20336 // JVNDB: JVNDB-2024-026853 // CNVD: CNVD-2024-37606

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-37606

AFFECTED PRODUCTS

vendor:	cisco	model:	wap371	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap150	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap125	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap131	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap321	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap571e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap571	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap121	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap581	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap361	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap320	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	wap351	scope:	eq	version:	-	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco wap371	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap571e	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap131	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap121	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap320	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap321	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap571	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap125	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap150	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap361	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap581	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco wap351	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	small business	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2024-37606 // JVNDB: JVNDB-2024-026853 // NVD: CVE-2024-20336

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@cisco.com:	CVE-2024-20336
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2024-026853
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2024-37606
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2024-37606
severity:	HIGH
baseScore:	7.7
vectorString:	AV:N/AC:L/AU:M/C:C/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	MULTIPLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	6.4
impactScore:	9.2
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

psirt@cisco.com:	CVE-2024-20336
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	5.2
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2024-026853
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2024-37606 // JVNDB: JVNDB-2024-026853 // NVD: CVE-2024-20336

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-026853 // NVD: CVE-2024-20336

PATCH

title:	cisco-sa-sb-wap-multi-85G83CRB	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-85G83CRB	Trust: 0.8
title:	Patch for Cisco Small Business Buffer Overflow Vulnerability (CNVD-2024-37606)	url:	https://www.cnvd.org.cn/patchInfo/show/588091	Trust: 0.6

sources: CNVD: CNVD-2024-37606 // JVNDB: JVNDB-2024-026853

EXTERNAL IDS

db:	NVD	id:	CVE-2024-20336	Trust: 3.2
db:	JVNDB	id:	JVNDB-2024-026853	Trust: 0.8
db:	CNVD	id:	CNVD-2024-37606	Trust: 0.6

sources: CNVD: CNVD-2024-37606 // JVNDB: JVNDB-2024-026853 // NVD: CVE-2024-20336

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2024-20336	Trust: 1.4
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-wap-multi-85g83crb	Trust: 1.0

sources: CNVD: CNVD-2024-37606 // JVNDB: JVNDB-2024-026853 // NVD: CVE-2024-20336

SOURCES

db:	CNVD	id:	CNVD-2024-37606
db:	JVNDB	id:	JVNDB-2024-026853
db:	NVD	id:	CVE-2024-20336

LAST UPDATE DATE

2025-08-09T23:06:09.976000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-37606	date:	2024-09-06T00:00:00
db:	JVNDB	id:	JVNDB-2024-026853	date:	2025-08-06T02:02:00
db:	NVD	id:	CVE-2024-20336	date:	2025-08-05T14:39:11.950

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-37606	date:	2024-09-05T00:00:00
db:	JVNDB	id:	JVNDB-2024-026853	date:	2025-08-06T00:00:00
db:	NVD	id:	CVE-2024-20336	date:	2024-03-06T17:15:09.397