Unrated severityNVD Advisory· Published Nov 8, 2018· Updated Nov 26, 2024
Cisco Meraki Local Status Page Privilege Escalation Vulnerability
CVE-2018-0284
Description
A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the attacker to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Cisco/Cisco Meraki M5v5Range: <9.37
- Range: <24.13
- Range: <13.32
- Cisco/Cisco Meraki Z1v5Range: <13.32
- Cisco/Cisco Meraki Z3v5Range: <13.32
Patches
Vulnerability mechanics
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-merakimitrevendor-advisoryx_refsource_CISCO
- www.securityfocus.com/bid/105878mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.