CVE-2007-2032

4 documents4 sources
Severity
7.5HIGH
EPSS
1.4%
top 19.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Wireless Control System
Timeline
PublishedApr 16
Latest updateMay 1

Description

Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

โ–ถNVDcisco/wireless_control_system4.0, 4.0.95+1

Patches

Patch: www.cisco.com โ†—Patch: www.cisco.com โ†—

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-3737-4gjf-cp7r: Cisco Wireless Control System (WCS) before 4โ†—2022-05-01
โ–ถ
CVEList
CVE-2007-2032: Cisco Wireless Control System (WCS) before 4โ†—2007-04-16
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Exploit-DB
OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scriptingโ†—2007-12-06
โ–ถ