EUVD-2019-10357
Malware in sbrugna...
CVE-2022-20695
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface. This vulnerability is due to the improper implementation of...
CVE-2022-20695
CVE-2022-20695 affects Cisco Wireless LAN Controller (WLC) software. The issue is an authentication bypass caused by improper password validation, allowing an unauthenticated, remote attacker to log in via the management interface and gain administrator privileges. The vulnerability requires a no...
Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software
Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller (WLC) that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and...
Directory traversal
A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in command-line parameters that describe filenames. An...
CVE-2019-1800
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on field...
CVE-2019-1796
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on field...
Race condition
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on field...
CVE-2019-1799 Cisco Wireless LAN Controller Software IAPP Message Handling Denial of Service Vulnerabilities
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on field...
CVE-2018-0382
CVE-2018-0382 describes a vulnerability in Cisco Wireless LAN Controller (WLC) Software affecting the web-based interface session management. The issue arises because the software does not properly clear previously assigned session identifiers when a user authenticates, enabling an unauthenticate...
Input validation
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation on...
CVE-2018-0442
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The...
CVE-2018-0443 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation on...
Authentication flaw
A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The...
CVE-2018-0388
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
CVE-2018-0388 Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
CVE-2017-3832
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a missing internal handler for the specific request. An...
Cisco Wireless LAN Controller 802.11i Management Frame DoS
According to its self-reported version, the remote Cisco Wireless LAN Controller (WLC) device is affected by a denial of service vulnerability due to not discarding malformed values within an 802.11i management frame received from a wireless client. An unauthenticated, adjacent attacker can exploit...
Design/Logic Flaw
Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0MD and 7.5, 7.6, and 8.0 before 8.0.110.0ED allows remote attackers to cause a denial of service (device reload) via crafted Bonjour traffic, aka Bug ID CSCur66908...
CVE-2016-1364
Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0MD and 7.5, 7.6, and 8.0 before 8.0.110.0ED allows remote attackers to cause a denial of service (device reload) via crafted Bonjour traffic, aka Bug ID CSCur66908...