A customer of mine did a vulnerability scan and reported the vulnerability below:
"This vulnerability was identified because (1) the detected version of Lighttpd, 1.4.38, is less than 1.4.50
I tried accessing the device remotely but couldn't log on. We checked the DHCP pool and the device was an Access Point. I'm a bit confused because from my understanding, the lighttpd vulnerability only affects Cisco IOS-XR devices.
I want to confirm if the reported vulnerability also affects Access Points and, if it does, how it can be fixed.
Thanks in anticipation!!!
APs typically don't run a web server, unless they are in Mobility Express mode.
If you are utilizing that feature, then yes, it might be vulnerable: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvn48153?rfs=iqvred
CAPWAP APs also contain a web server for OEAP (Office Extend) functionality where the user gets a simple web interface for managing their client side access.
Disabling Office Extend should disable the web server (though might not?).
You didn't mention whether the AP is ME or CAPWAP or what software version it's running?
Either way, as @marce1000 suggested, you should, in any case, update to the latest software as per https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html or https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214749-tac-recommended-ios-xe-builds-for-wirele.html to make sure you eliminate a whole host of other security vulnerabilities that may not have been detected.