Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-5991Improper Input Validation in Cisco Wireless LAN Controller Software

CWE-20Improper Input Validation5 documents5 sources
Severity
6.3MEDIUMNVD
EPSS
14.1%
top 5.63%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cisco Wireless LAN Controller Software
Timeline
PublishedDec 19
Latest updateMay 17

Description

screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 6.8 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-6hqg-ghvh-32h4: screens/base/web_auth_custom2022-05-17
CVEList
CVE-2012-5991: screens/base/web_auth_custom2012-12-19

💥Exploits & PoCs

1
Exploit-DB
Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities2012-12-13

📋Vendor Advisories

1
Cisco
Cisco Wireless LAN Controller Software Form Post Denial of Service Vulnerability2012-12-13
CVE-2012-5991 — Improper Input Validation in Cisco | cvebase