Wireless Appliance Security Vulnerabilities
An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to...
9.8CVSS
9.6AI Score
0.001EPSS
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure...
7.5CVSS
7.5AI Score
0.001EPSS
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on.....
6.8CVSS
5.9AI Score
0.002EPSS
UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less...
8.8CVSS
8.5AI Score
0.006EPSS
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root privileges using chroothole_client's PHP call, a related issue to...
6.7CVSS
7.6AI Score
0.003EPSS
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted...
8.2CVSS
8.4AI Score
0.001EPSS
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in...
8.8CVSS
8.7AI Score
0.005EPSS
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing the....
6.7CVSS
7AI Score
0.002EPSS
The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote attackers to gain root privileges via a dollar sign ($) metacharacter in the argument to...
8.2CVSS
7.1AI Score
0.003EPSS
The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less...
7.2CVSS
6.8AI Score
0.019EPSS
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID...
7.5CVSS
7.1AI Score
0.026EPSS
Cisco 2700 Series Wireless Location Appliances before 2.1.34.0 have a default administrator username "root" and password "password," which allows remote attackers to obtain administrative privileges, aka Bug ID...
6.8AI Score
0.016EPSS
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka...
5.9AI Score
0.018EPSS
SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was later reported to also affect firmware...
8.5AI Score
0.005EPSS