Cisco Aironet Access Point Software vulnerabilities

29 known vulnerabilities affecting cisco/cisco_aironet_access_point_software.

Total CVEs: 29
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 14, MEDIUM 14

Vulnerabilities

Page 1 of 2
CVE-2024-20354 | HIGH | CVSS 7.4 | vN/A | 2024-03-27
CVE-2024-20354 [MEDIUM] CWE-460: A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit
cvelistv5, nvd
CVE-2024-20271 | HIGH | CVSS 8.6 | v8.2.100.0, v8.2.130.0 +101 more | 2024-03-27
CVE-2024-20271 [HIGH] CWE-20: A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 pac
cvelistv5, nvd
CVE-2024-20265 | MEDIUM | CVSS 5.9 | v8.2.100.0, v8.2.130.0 +101 more | 2024-03-27
CVE-2024-20265 [MEDIUM] CWE-501: A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical cons
cvelistv5, nvd
CVE-2023-20176 | HIGH | CVSS 8.6 | v8.10.170.0 | 2023-09-27
CVE-2023-20176 [MEDIUM] CWE-400: A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a
cvelistv5, nvd
CVE-2023-20268 | MEDIUM | CVSS 4.7 | v8.3.135.0, v8.3.140.0 +103 more | 2023-09-27
CVE-2023-20268 [MEDIUM] CWE-400: A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a s
cvelistv5, nvd
CVE-2023-20097 | MEDIUM | CVSS 6.7 | vn/a | 2023-03-23
CVE-2023-20097 [MEDIUM] CWE-77: A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller
cvelistv5, nvd
CVE-2023-20056 | MEDIUM | CVSS 5.5 | vn/a | 2023-03-23
CVE-2023-20056 [MEDIUM] CWE-78: A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a devi
cvelistv5, nvd
CVE-2023-20112 | MEDIUM | CVSS 6.5 | vn/a | 2023-03-23
CVE-2023-20112 [HIGH] CWE-126: A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association
cvelistv5, nvd
CVE-2022-20622 | HIGH | CVSS 7.5 | vn/a | 2022-04-15
CVE-2022-20622 [HIGH] CWE-770: A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usa
cvelistv5, nvd
CVE-2021-34740 | HIGH | CVSS 7.4 | vn/a | 2021-09-23
CVE-2021-34740 [HIGH] CWE-401: A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected
cvelistv5, nvd
CVE-2021-1437 | HIGH | CVSS 7.5 | vn/a | 2021-03-24
CVE-2021-1437 [HIGH] CWE-275: A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sen
cvelistv5, nvd
CVE-2021-1423 | MEDIUM | CVSS 4.4 | vn/a | 2021-03-24
CVE-2021-1423 [MEDIUM] CWE-668: A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted a
cvelistv5, nvd
CVE-2021-1449 | MEDIUM | CVSS 6.7 | vn/a | 2021-03-24
CVE-2021-1449 [MEDIUM] CWE-284: A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that i
cvelistv5, nvd
CVE-2020-3560 | HIGH | CVSS 8.6 | vn/a | 2020-09-24
CVE-2020-3560 [HIGH] CWE-400: A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific po
cvelistv5, nvd
CVE-2020-3552 | HIGH | CVSS 7.4 | vn/a | 2020-09-24
CVE-2020-3552 [HIGH] CWE-476: A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the E
cvelistv5, nvd
CVE-2020-3559 | HIGH | CVSS 8.6 | vn/a | 2020-09-24
CVE-2020-3559 [HIGH] CWE-400: A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affec
cvelistv5, nvd
CVE-2020-3262 | HIGH | CVSS 7.5 | vn/a | 2020-04-15
CVE-2020-3262 [HIGH] CWE-20: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could expl
cvelistv5, nvd
CVE-2020-3260 | MEDIUM | CVSS 6.5 | vn/a | 2020-04-15
CVE-2020-3260 [MEDIUM] CWE-399: A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An attacker could exploit this vulnerability by sendin
cvelistv5, nvd
CVE-2019-15260 | CRITICAL | CVSS 9.8 | ≥ unspecified, < n/a | 2019-10-16
CVE-2019-15260 [CRITICAL] CWE-284: A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected device. An attacker could exploit this vulnerability by requesting specific
cvelistv5, nvd
CVE-2019-15261 | HIGH | CVSS 8.6 | ≥ unspecified, < n/a | 2019-10-16
CVE-2019-15261 [HIGH] CWE-20: A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN packet processing functionality in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Generic Routing Encapsulat
cvelistv5, nvd