CVE-2026-1222
BROWAN · BROWAN COMMUNICATIONS PrismX MX100 AP controller
Executive summary
A high-severity vulnerability has been identified in the BROWAN COMMUNICATIONS PrismX MX100 AP controller. This flaw allows a remote attacker with existing privileges to upload malicious files, which can then be executed to gain complete control over the affected server. Successful exploitation could lead to data theft, network disruption, and further unauthorized access into the corporate network.
Vulnerability
This is an Arbitrary File Upload vulnerability. An attacker who has already obtained privileged credentials for the device's management interface can exploit this flaw by uploading a specially crafted file, such as a web shell. The application fails to properly validate the uploaded file's type or content, allowing the malicious file to be saved to a web-accessible directory on the server. The attacker can then execute the code within the file by navigating to its URL, resulting in arbitrary code execution with the permissions of the web server process.
Business impact
This vulnerability is rated as High severity with a CVSS score of 7.2. A successful exploit would result in a complete compromise of the PrismX MX100 AP controller. This could allow an attacker to intercept or manipulate network traffic, steal sensitive configuration data, disable wireless network services, or use the compromised controller as a pivot point to launch further attacks against the internal network. The specific risks to the organization include data breaches, operational downtime, and a loss of integrity for the managed network environment.
Remediation
Immediate Action: Apply the security updates provided by BROWAN COMMUNICATIONS to all affected PrismX MX100 AP controllers immediately. Before and after patching, closely monitor devices for any signs of compromise and review historical access and system logs for indicators of exploitation.
Proactive Monitoring: Monitor web server and application logs for suspicious file upload events, particularly files with executable extensions (e.g., .php, .jsp, .sh, .aspx). Scrutinize network traffic for unexpected outbound connections originating from the AP controller. Implement file integrity monitoring on the device's web directories to detect the creation of unauthorized files.
Compensating Controls: If immediate patching is not feasible, implement the following controls:
- Restrict access to the device's management interface to a limited set of trusted IP addresses or a dedicated management VLAN.
- Deploy a Web Application Firewall (WAF) with rules to inspect and block malicious or unexpected file types from being uploaded.
- Ensure all administrative credentials for the device are strong, unique, and not default.
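The file integrity monitoring recommended under Proactive Monitoring can be implemented as a baseline-and-compare check over the web directories. This is an added example, not vendor code or part of the original advisory; it assumes the controller's web directory can be read by a host running Python (for example from a mounted or copied file system), and the function names are illustrative.

```python
import hashlib
import os
import tempfile

# Extensions the advisory lists as suspicious in web-accessible locations.
EXECUTABLE_EXTENSIONS = {".php", ".jsp", ".sh", ".aspx"}


def snapshot(web_root):
    """Map each file's path (relative to web_root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(web_root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            digest = hashlib.sha256()
            with open(full, "rb") as handle:
                for chunk in iter(lambda: handle.read(65536), b""):
                    digest.update(chunk)
            manifest[os.path.relpath(full, web_root)] = digest.hexdigest()
    return manifest


def compare(baseline, current):
    """Return findings as (severity, kind, path), most severe first."""
    findings = []
    for path, digest in current.items():
        if path not in baseline:
            kind = "created"
        elif baseline[path] != digest:
            kind = "modified"
        else:
            continue
        # Case-insensitive match so "shell.PHP" is not missed.
        ext = os.path.splitext(path)[1].lower()
        severity = "high" if ext in EXECUTABLE_EXTENSIONS else "review"
        findings.append((severity, kind, path))
    for path in baseline.keys() - current.keys():
        findings.append(("review", "deleted", path))
    return sorted(findings)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed web root
        open(os.path.join(root, "index.html"), "w").close()
        baseline = snapshot(root)
        with open(os.path.join(root, "logo.PHP"), "w") as f:
            f.write("placeholder")  # simulated unauthorized file
        print(compare(baseline, snapshot(root)))
```

Take the baseline from a known-good state, such as immediately after applying the vendor update, and store it off the device so it cannot be altered along with the files it describes.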
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high severity score and the potential for complete system compromise, it is strongly recommended that organizations prioritize the immediate application of vendor-supplied patches to all affected controllers. Although this vulnerability is not currently on the CISA KEV list and requires prior authentication, the impact of a successful exploit is severe. If patching is delayed, the compensating controls outlined above, particularly restricting network access to the management interface, should be implemented as a critical interim measure to reduce the attack surface.