72 matches found
Cisco Aironet suffers from a denial of service vulnerability (CNVD-2018-08990)
The Cisco Aironet 1810, 1830, and 1850 Series Access Points are different families of wireless access point devices from Cisco, Inc.Mobility Express Software is a set of management and control software that runs on them. The Mobility Express Software versions 8.4.100.0, 8.5.103.0, and 8.5.105.0 o...
CVE-2018-0235
A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller WLC could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to incomplete input...
CVE-2018-0226
A vulnerability in the assignment and management of default user accounts for Secure Shell SSH access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affecte...
CVE-2018-0226
A vulnerability in the assignment and management of default user accounts for Secure Shell SSH access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affecte...
CVE-2018-0234
A vulnerability in the implementation of Point-to-Point Tunneling Protocol PPTP functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...
CVE-2018-0234
A vulnerability in the implementation of Point-to-Point Tunneling Protocol PPTP functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...
Input validation
A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller WLC could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to incomplete input...
Default configuration
A vulnerability in the assignment and management of default user accounts for Secure Shell SSH access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affecte...
CVE-2018-0226
CVE-2018-0226 affects Cisco Aironet 1800/2800/3800 Series Access Points running Mobility Express Software. The issue stems from the Mobility Express controller configuring the default SSH user account to be the first SSH user created on the controller, potentially granting an administrator-like p...
CVE-2018-0234
A vulnerability in the implementation of Point-to-Point Tunneling Protocol PPTP functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...
CVE-2018-0235
A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller WLC could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to incomplete input...
CVE-2018-0226
A vulnerability in the assignment and management of default user accounts for Secure Shell SSH access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affecte...
The vulnerability of Cisco Mobility Express Software for Cisco Aironet 1830 Series and 1850 Series access points, related to the use of pre-installed credentials, allows a perpetrator to gain full control over the device.
The vulnerability of Cisco Mobility Express Software for Cisco Aironet 1830 Series and 1850 Series access points stems from the ability to connect to the device using pre-installed credentials, regardless of the device’s configuration master, subordinate, or standalone access point. Exploiting th...
CVE-2017-12273
A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency RF adjacent attacker to cause the Access Point AP to reload, resulting in a denial of service DoS condition. The...
Cisco Aironet 1800, 2800, and 3800 Series Access Points Plug-and-Play Arbitrary Code Execution Vulnerability
A vulnerability in the Plug-and-Play PnP subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point AP or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges. The vulnerability is...
Cisco Mobility Express Software Default Credential Security Bypass Vulnerability
Cisco Mobility Express Software is a wireless networking solution. A security vulnerability exists in the implementation of Cisco Mobility Express Software that Cisco Aironet 1830 Series, Cisco Aironet 1850 Series Access Points devices are running due to default credentials. An unauthenticated...
Design/Logic Flaw
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected...
CVE-2016-9197
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected...
CVE-2016-9197
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected...
CVE-2016-9197
CVE-2016-9197 affects Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers. The root cause is a vulnerability in the CLI command parser due to incorrect permissions assigned to configured users, enabling an authenticated, local attacker to obtain access to the underlying operating...