CVE-2021-1373

CVE-2021-1373 affects Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Wireless Controllers. The issue arises from insufficient validation of CAPWAP packets in CAPWAP processing, allowing an unauthenticated, remote attacker to cause a denial-of-service by sending malformed C...

CVE-2021-1373 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of a...

CVE-2021-1374 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

CVE-2021-1374

CVE-2021-1374 describes a stored cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family. The issue arises from insufficient validation of user-supplied input in the management UI. An attacker who aut...

CVE-2021-1374 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of a...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

思科 Cisco IOS XE Wireless Controller software 跨站脚本漏洞

Cisco IOS XE Wireless Controller software is a wireless LAN controller from Cisco USA. It provides a management network function. A cross-site scripting vulnerability exists in the Cisco IOS XE Wireless Controller software, which can be exploited by an attacker to conduct a cross-site scripting...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family Stored Cross Site Scripting (cisco-sa-ewlc-xss-cAfMtCzv)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family CAPWAP DoS (cisco-sa-capwap-dos-TPdNTdyq)

According to its self-reported version, Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers, Catalyst 9300, 9400, and 9500 Series Switches, and Catalyst 9100 Access Points are affected by multiple denial of service DoS vulnerabilities due to insufficient validation of CAPWAP...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family WLAN Local Profiling DoS (cisco-sa-dclass-dos-VKh9D8k3)

According to its self-reported version, Cisco IOS XE is affected by a Denial of Service vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family. This vulnerability is due to incorrect parsing of HTTP packets while performin...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family Improper Access Control (cisco-sa-ewlc-icmpv6-qb9eYyCR)

According to its self-reported version, Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Routers is affected by an improper access control vulnerability due to an incomplete access control list ACL being applied prior to RUN state. An attacker could exploit this...

Unauthorized Access Vulnerability in Sitronix Wireless Controller MQTT Server

Wuhan Cetron Cetron Technology Co., Ltd Cetron is a high-tech innovative enterprise focusing on the design and development of smart home products. An unauthorized access vulnerability exists in the MQTT server of Cetron's wireless controller, which can be exploited by an attacker to obtain...

Binary Vulnerability in Sitronix Wireless Controller

Wuhan Cetron Cetron Technology Co., Ltd Cetron is a high-tech innovative enterprise focusing on the design and development of smart home products. A binary vulnerability exists in the Cetron Wireless Controller. An attacker can exploit this vulnerability to gain control of the server...

ZXELINK ZXV10 W908 SQL Injection Vulnerability

The ZXV10 W908 is a wireless access controller from ZXELINK. A SQL injection vulnerability exists in versions prior to ZXELINK ZXV10 W908 MIPSA1022IPV6R3T6P7Y20. The vulnerability stems from the device failing to properly filter parameters. An attacker can exploit the vulnerability by sending...

CVE-2020-6880

A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...

Sql injection

A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...

CVE-2020-6880

The CVE-2020-6880 issue affects ZXELINK ZXV10 W908 wireless controller devices, where an SQL injection flaw stems from improper parameter filtering. A remote attacker can send crafted SQL statements without authentication and escalate to administrative rights. Affected versions are prior to ZXELI...

CVE-2020-6880

A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...

Code Execution Vulnerability in Netgear WMS5316

The NETGEAR WMS5316, Wireless Controller is an easy-to-use device that simplifies the creation and management of wireless networks. A code execution vulnerability exists in the Netgear WMS5316. An attacker could exploit the vulnerability to gain server privileges...