CVE-2021-1374 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

CVE-2021-1374 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of a...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family Stored Cross Site Scripting (cisco-sa-ewlc-xss-cAfMtCzv)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family CAPWAP DoS (cisco-sa-capwap-dos-TPdNTdyq)

According to its self-reported version, Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers, Catalyst 9300, 9400, and 9500 Series Switches, and Catalyst 9100 Access Points are affected by multiple denial of service DoS vulnerabilities due to insufficient validation of CAPWAP...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family WLAN Local Profiling DoS (cisco-sa-dclass-dos-VKh9D8k3)

According to its self-reported version, Cisco IOS XE is affected by a Denial of Service vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family. This vulnerability is due to incorrect parsing of HTTP packets while performin...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family Improper Access Control (cisco-sa-ewlc-icmpv6-qb9eYyCR)

According to its self-reported version, Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Routers is affected by an improper access control vulnerability due to an incomplete access control list ACL being applied prior to RUN state. An attacker could exploit this...

Unauthorized Access Vulnerability in Sitronix Wireless Controller MQTT Server

Wuhan Cetron Cetron Technology Co., Ltd Cetron is a high-tech innovative enterprise focusing on the design and development of smart home products. An unauthorized access vulnerability exists in the MQTT server of Cetron's wireless controller, which can be exploited by an attacker to obtain...

CVE-2020-6880

A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...

Sql injection

A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...

CVE-2020-6880

The CVE-2020-6880 issue affects ZXELINK ZXV10 W908 wireless controller devices, where an SQL injection flaw stems from improper parameter filtering. A remote attacker can send crafted SQL statements without authentication and escalate to administrative rights. Affected versions are prior to ZXELI...

CVE-2020-6880

A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...

CVE-2020-3429

A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service DoS condition on an affected device. The vulnerability is due to incorrect pack...

CVE-2020-3418

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list ACL being...

Input validation

A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of...

Improper access control

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list ACL being...

CVE-2020-3390

CVE-2020-3390 affects Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family. The issue stems from insufficient input validation when generating SNMP traps for wireless clients, allowing an unauthenticated adjacent attacker to trigger a device reload during wireless authentication...

CVE-2020-3390 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of...

CVE-2020-3399 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of an affected device. The...

CVE-2020-3418

CVE-2020-3418 affects Cisco IOS XE Wireless Controller Software for the Catalyst 9000 family (Catalyst 9800 series). Root cause: incomplete access control list (ACL) applied before RUN state, allowing an unauthenticated adjacent attacker to send ICMPv6 traffic by connecting to the SSID. Impact de...