CVE-2015-4224OS Command Injection in Cisco Wireless LAN Controller Software

CWE-78OS Command Injection4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 53.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Wireless LAN Controller Software
Timeline
PublishedJun 26
Latest updateMay 17

Description

Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-fwqh-hp5q-r4gh: Cisco Wireless LAN Controller (WLC) devices with software 72022-05-17
CVEList
CVE-2015-4224: Cisco Wireless LAN Controller (WLC) devices with software 72015-06-26

📋Vendor Advisories

1
Cisco
Cisco Wireless LAN Controller Command Injection Vulnerability2015-06-25
CVE-2015-4224 — OS Command Injection in Cisco | cvebase