215 matches found
CVE-2022-20695
CVE-2022-20695 affects Cisco Wireless LAN Controller (WLC) software. The issue is an authentication bypass caused by improper password validation, allowing an unauthenticated, remote attacker to log in via the management interface and gain administrator privileges. The vulnerability requires a no...
Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software
Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller WLC that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and...
CVE-2020-23055
ANCOM WLAN Controller Wireless Series & Hotspot WLC-1000 & WLC-4006 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the /authen/start/ module via the userid and password parameters...
CVE-2020-23055
CVE-2020-23055 affects ANCOM WLAN Controller models WLC-1000 and WLC-4006. The devices were found to contain multiple cross-site scripting (XSS) vulnerabilities in the /authen/start/ module, exploitable via the userid and password parameters. The issue is documented with CVSS metrics: CVSS v3.1 b...
ANCOM WLAN Controller WLC-1000 跨站脚本漏洞
The ANCOM WLAN Controller WLC-1000 is an industrial control system. A security vulnerability exists in the ANCOM WLAN Controller WLC-1000 and WLC-4006 that allows an attacker to include multiple cross-site scripting vulnerabilities in the "/authen/start/" module via the user ID and password...
Cisco IOS XE Software for Catalyst 9800 Series DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX)
According to its self-reported version, Cisco IOS XE Software is affected by a DoS vulnerability in the Flexible NetFlow Version 9 packet processor due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An unauthenticated, remote attacker could cause a DoS...
Input validation
A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...
Input validation
A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol handler of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficien...
CVE-2020-3273 Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability
A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...
CVE-2020-3273
Cisco WLC vulnerability CVE-2020-3273 affects 802.11 GAS frame processing due to incomplete input validation. An unauthenticated attacker can trigger a reload (DoS) by sending a crafted GAS frame over the air to an AP, or send a malicious GAS payload via CAPWAP from Layer 3 connectivity to the WL...
CVE-2020-3273 Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability
A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...
CVE-2020-3262 Cisco Wireless LAN Controller CAPWAP Denial of Service Vulnerability
A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol handler of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficien...
CVE-2020-3262
CVE-2020-3262 affects Cisco Wireless LAN Controller (WLC) CAPWAP protocol handler. The issue stems from insufficient CAPWAP packet validation in the WLC software, allowing an unauthenticated, remote attacker to trigger a DoS by sending a malformed CAPWAP packet, potentially restarting the device....
Cisco WLC 2504 8.9 Denial Of Service
Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not...
Cisco WLC 2504 8.9 - Denial of Service (PoC)
Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not...
Cisco WLC 2504 8.9 - Denial of Service Exploit
Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not applicable, works independent from OS CV...
Cisco WLC 2504 8.9 - Denial of Service (PoC)
Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-do...
CVE-2019-15262
A vulnerability in the Secure Shell SSH session management for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the SSH process is not properly deleted when...
Directory traversal
A vulnerability in the CLI of Cisco Wireless LAN Controller WLC Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in command-line parameters that describe filenames. An...
CVE-2019-15266
Cisco WLC Path Traversal (CVE-2019-15266) is a local directory-traversal vulnerability in the CLI that could let an authenticated, local attacker view restricted system files by exploiting improper sanitization of filenames in command-line parameters. Connected sources confirm the issue affects C...