Lucene search
+L

215 matches found

CVE
CVE
added 2022/04/15 2:15 p.m.130 views

CVE-2022-20695

CVE-2022-20695 affects Cisco Wireless LAN Controller (WLC) software. The issue is an authentication bypass caused by improper password validation, allowing an unauthenticated, remote attacker to log in via the management interface and gain administrator privileges. The vulnerability requires a no...

10CVSS9.8AI score0.1986EPSS
Exploits0References1Affected Software2
The Hacker News
The Hacker News
added 2022/04/15 4:5 a.m.49 views

Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller WLC that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and...

0.9AI score0.1986EPSS
Exploits0
OSV
OSV
added 2021/10/22 8:15 p.m.4 views

CVE-2020-23055

ANCOM WLAN Controller Wireless Series & Hotspot WLC-1000 & WLC-4006 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the /authen/start/ module via the userid and password parameters...

5.4CVSS6AI score0.00551EPSS
Exploits1References1
CVE
CVE
added 2021/10/22 7:20 p.m.46 views

CVE-2020-23055

CVE-2020-23055 affects ANCOM WLAN Controller models WLC-1000 and WLC-4006. The devices were found to contain multiple cross-site scripting (XSS) vulnerabilities in the /authen/start/ module, exploitable via the userid and password parameters. The issue is documented with CVSS metrics: CVSS v3.1 b...

5.4CVSS5.5AI score0.00551EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.5 views

ANCOM WLAN Controller WLC-1000 跨站脚本漏洞

The ANCOM WLAN Controller WLC-1000 is an industrial control system. A security vulnerability exists in the ANCOM WLAN Controller WLC-1000 and WLC-4006 that allows an attacker to include multiple cross-site scripting vulnerabilities in the "/authen/start/" module via the user ID and password...

5.4CVSS5.5AI score0.00551EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/10/12 12:0 a.m.49 views

Cisco IOS XE Software for Catalyst 9800 Series DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX)

According to its self-reported version, Cisco IOS XE Software is affected by a DoS vulnerability in the Flexible NetFlow Version 9 packet processor due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An unauthenticated, remote attacker could cause a DoS...

8.6CVSS8AI score0.01374EPSS
Exploits0References4
Prion
Prion
added 2020/04/15 9:15 p.m.20 views

Input validation

A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...

5CVSS7.5AI score0.01274EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2020/04/15 9:15 p.m.18 views

Input validation

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol handler of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficien...

5CVSS7.5AI score0.01434EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2020/04/15 8:11 p.m.9 views

CVE-2020-3273 Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability

A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...

8.6CVSS7.1AI score0.01274EPSS
Exploits0References1
CVE
CVE
added 2020/04/15 8:11 p.m.71 views

CVE-2020-3273

Cisco WLC vulnerability CVE-2020-3273 affects 802.11 GAS frame processing due to incomplete input validation. An unauthenticated attacker can trigger a reload (DoS) by sending a crafted GAS frame over the air to an AP, or send a malicious GAS payload via CAPWAP from Layer 3 connectivity to the WL...

8.6CVSS7.6AI score0.01274EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/04/15 8:11 p.m.25 views

CVE-2020-3273 Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability

A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...

8.6CVSS7.6AI score0.01274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/04/15 8:11 p.m.15 views

CVE-2020-3262 Cisco Wireless LAN Controller CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol handler of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficien...

8.6CVSS7AI score0.01434EPSS
Exploits0References1
CVE
CVE
added 2020/04/15 8:11 p.m.82 views

CVE-2020-3262

CVE-2020-3262 affects Cisco Wireless LAN Controller (WLC) CAPWAP protocol handler. The issue stems from insufficient CAPWAP packet validation in the WLC software, allowing an unauthenticated, remote attacker to trigger a DoS by sending a malformed CAPWAP packet, potentially restarting the device....

8.6CVSS7.6AI score0.01434EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2019/12/04 12:0 a.m.151 views

Cisco WLC 2504 8.9 Denial Of Service

Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not...

0.2AI score0.46305EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/04 12:0 a.m.242 views

Cisco WLC 2504 8.9 - Denial of Service (PoC)

Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not...

7.7CVSS6.9AI score0.46305EPSS
Exploits5
0day.today
0day.today
added 2019/12/04 12:0 a.m.294 views

Cisco WLC 2504 8.9 - Denial of Service Exploit

Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not applicable, works independent from OS CV...

6.5CVSS6.6AI score0.46305EPSS
Exploits5
exploitpack
exploitpack
added 2019/12/04 12:0 a.m.98 views

Cisco WLC 2504 8.9 - Denial of Service (PoC)

Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-do...

4CVSS0.2AI score0.46305EPSS
Exploits5
OSV
OSV
added 2019/10/16 7:15 p.m.4 views

CVE-2019-15262

A vulnerability in the Secure Shell SSH session management for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the SSH process is not properly deleted when...

7.5CVSS5.8AI score0.01415EPSS
Exploits0References1
Prion
Prion
added 2019/10/16 7:15 p.m.20 views

Directory traversal

A vulnerability in the CLI of Cisco Wireless LAN Controller WLC Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in command-line parameters that describe filenames. An...

2.1CVSS4.5AI score0.0065EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/16 6:36 p.m.85 views

CVE-2019-15266

Cisco WLC Path Traversal (CVE-2019-15266) is a local directory-traversal vulnerability in the CLI that could let an authenticated, local attacker view restricted system files by exploiting improper sanitization of filenames in command-line parameters. Connected sources confirm the issue affects C...

4.4CVSS4.4AI score0.0065EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder