CVE-2025-20202

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of access point AP Cisco Discovery Protocol CDP neighbor...

CVE-2025-20202

CVE-2025-20202 affects Cisco IOS XE Wireless Controller Software. The root cause is insufficient input validation of AP Cisco Discovery Protocol (CDP) neighbor reports processed by the wireless controller. An unauthenticated, adjacent attacker can send a crafted CDP packet to an AP, which could c...

CVE-2025-20190

A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby...

Cisco IOS XE Wireless Controller Software Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of access point AP Cisco Discovery Protocol CDP neighbor...

Cisco IOS XE Wireless Controller Software Unauthorized User Deletion Vulnerability

A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby...

PT-2025-20262 · Cisco · Cisco Ios Xe Wireless Controller

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Wireless Controller Software affected versions not specified Description: A vulnerability in the lobby ambassador web interface could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affect...

Cisco IOS XE Wireless Controller Software 安全漏洞

Cisco IOS XE Wireless Controller software is a wireless LAN controller from Cisco USA. It provides a management network function A security vulnerability exists in Cisco IOS XE Wireless Controller Software that stems from insufficient input validation and could lead to a denial of service attack...

Cisco IOS XE Wireless Controller software 访问控制错误漏洞

Cisco IOS XE Wireless Controller software is a wireless LAN controller from Cisco. The Cisco IOS XE Wireless Controller Software suffers from an Access Control Error vulnerability that stems from insufficient access control and can be exploited by an attacker to cause the deletion of arbitrary us...

PT-2025-20274 · Cisco · Cisco Ios Xe Wireless Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Wireless Controller Software affected versions not specified Description: A vulnerability could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This issue is due to...

Tenda AC500 fromDhcpListClient method list1 parameter buffer overflow vulnerability

Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, with support for managing wireless networks across VLANs. A buffer overflow vulnerability exists in the Tenda AC500, which stems from the list1 parameter of the fromDhcpListClient method...

Tenda AC500 formexeCommand Method Command Injection Vulnerability

Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, with support for managing wireless networks across VLANs. Tenda AC500 suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failin...

Tenda AC500 fromSetVlanInfo Method Buffer Overflow Vulnerability

Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, supporting cross-VLAN management of wireless networks. A buffer overflow vulnerability exists in the Tenda AC500, which originates from the port parameter of the fromSetVlanInfo method of the...

Tenda AC500 formSetTimeZone Method Buffer Overflow Vulnerability

Tenda AC500 is the wireless controller device introduced, designed for small and medium-sized businesses, with support for managing wireless networks across VLANs. A buffer overflow vulnerability exists in the Tenda AC500, which stems from the timeZone parameter of the formSetTimeZone method...

Cisco Access Points Managed from Catalyst DoS (cisco-sa-ap-dos-h9TGGX6W)

According to its self-reported version, Cisco access points managed by this Cisco Catalyst 9800 Series Wireless Controller are affected by a denial of service vulnerability. Due to insufficient input validation of certain IPv4 packets, an unauthenticated, remote attacker can causing attached acce...

The vulnerability of the command-line interface (CLI) of Cisco IOS XE wireless access controller devices allows attackers to increase their privileges.

The vulnerability of the command-line interface CLI of Cisco IOS XE wireless LAN controller systems is related to deficiencies in access control due to the use of the show and show tech wireless commands in WLAN configuration. Exploiting this vulnerability can allow an attacker to increase their...

PT-2023-5644 · Cisco · Cisco Wireless Lan Controller Aireos +1

Name of the Vulnerable Software and Affected Versions: Cisco Wireless LAN Controller WLC AireOS Software affected versions not specified Description: A vulnerability in the memory buffer of Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to caus...

CVE-2023-20100

A vulnerability in the access point AP joining process of the Control and Provisioning of Wireless Access Points CAPWAP protocol of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...

Input validation

A vulnerability in Cisco access points AP software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker...

Cisco Access Point 命令注入漏洞

Cisco Access Point is a network access point device from Cisco, Inc. It provides high-density wireless connectivity for small offices. A security vulnerability exists in Cisco Access Point that stems from incorrect input validation of commands issued from the wireless controller to the AP...

CVE-2023-20097 Cisco Access Point Software Command Injection Vulnerability

A vulnerability in Cisco access points AP software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker...