Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery

Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com CVE: CVE-2019-12624 Description : The applicatio...

Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery

Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com CVE: CVE-2019-12624 Description : The application interface allows users to perform certain actions via HTTP...

Cisco Wireless Controller 3.6.10E Cross Site Request Forgery

Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com Description : The application interface allows users to perform certain actions via HTTP requests without...

The vulnerability of the SSH network protocol implementation in Cisco Wireless LAN Controllers allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Secure Shell SSH network protocol implementation in Cisco Wireless LAN Controller WLC software relates to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2019-1797

A vulnerability in the web-based management interface of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on the device with the privileges of the user, including modifying...

The vulnerability of the CAPWAP Discovery Request analysis procedure implemented in the Cisco Wireless LAN Controller allows a attacker to cause a service failure.

The vulnerability of the CAPWAP request analysis process, where the Cisco Wireless LAN Controller is involved, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by reloading the targeted device with...

Vulnerability in the authentication and authorization mechanisms of the Cisco Wireless LAN Controller, allowing attackers to increase their privileges

The vulnerability in the authentication and authorization mechanisms of the Cisco Wireless LAN Controller is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges within the Cisco TrustSec network security management system...

The vulnerability of the CAPWAP Discovery Request analysis process implementation in the Cisco Wireless LAN Controller allows a attacker to disclose protected information.

The vulnerability of the CAPWAP request analysis process, where the Cisco Wireless LAN Controller processes Discovery Requests, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

Linux Kernel CVE-2018-5391 Remote Denial of Service Vulnerability

Description Linux Kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Arista Extendible Operating System EOS 4.20.0F Arista Extendible Operating System EOS 4.20.1F Arista Extendible Operating...

Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. An input validation vulnerability exists in the 802.11 frame validation feature in the Cisco WLC, which stems...

Sensitive Information Disclosure Vulnerability in Cisco Wireless LAN Controllers

The Cisco 5500 and 8500 Series Wireless LAN Controller WLC Software are wireless LAN control software from Cisco, Inc.The REST API is one of the real-time communication APIs. An information disclosure vulnerability exists in the REST API in the Cisco 5500 and 8500 Series WLC Software, which stems...

CVE-2018-0252

A vulnerability in the IP Version 4 IPv4 fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The...

CVE-2018-0245

A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking...

Cisco Wireless LAN Controller Denial of Service Vulnerability (CNVD-2017-32921)

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. A denial of service vulnerability exists in the implementation of the 802.11v Basic Service Set BSS Transition...

CVE-2017-12222

A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service DoS condition. The vulnerability is due to insufficient input validation. An attacker could exploit this...

CVE-2017-12226

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...

CVE-2017-12222

A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service DoS condition. The vulnerability is due to insufficient input validation. An attacker could exploit this...

Input validation

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...

CVE-2017-12222

CVE-2017-12222 describes a DoS in Cisco IOS XE Wireless Controller Manager. An unauthenticated, adjacent attacker can trigger a restart of Cisco Catalyst 3650/3850 switches running IOS XE versions 16.1–16.3.3 by sending a crafted association request, due to insufficient input validation. The vuln...

CVE-2017-12226

CVE-2017-12226 affects Cisco IOS XE on the 5760 WLC, Catalyst 4500E 8-E (Wireless), and NGWC 3850. The root cause is incomplete input validation of HTTP requests in the web GUI when GUI connection state or protocol changes. An authenticated Lobby Administrator could change their GUI connection st...