Cisco Wireless Lan Controller vulnerabilities

CVE-2020-3559 [HIGH] CWE-400 CVE-2020-3559: A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote a A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affec

CVE-2020-3552 [HIGH] CWE-476 CVE-2020-3552: A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the E

CVE-2020-3560 [HIGH] CWE-400 CVE-2020-3560: A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific po

CVE-2019-1800 [MEDIUM] CWE-399 CVE-2019-1800: A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit

CVE-2019-1796 [MEDIUM] CWE-399 CVE-2019-1796: A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit

CVE-2019-1799 [MEDIUM] CWE-399 CVE-2019-1799: A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit

CVE-2018-0417 [HIGH] CWE-264 CVE-2018-0417: A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could all A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrect parsing of a specific TACACS attribute received in the TACACS response from the

CVE-2016-9195 [MEDIUM] CWE-399 CVE-2016-9195: A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by disconnecting a single connection. This vulnerability affects Cisco Wireless LAN Controller running software release 8.3.102.0. More Inform

CVE-2016-9194 [MEDIUM] CWE-399 CVE-2016-9194: A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wire A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of the 802.11 WME packet header. An attacker could exploit this vu

CVE-2016-6376 [MEDIUM] CWE-399 CVE-2016-6376: The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (W The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263.

CVE-2015-6311 [MEDIUM] CWE-399 CVE-2015-6311: Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allo Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote attackers to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236.

CVE-2015-0756 [MEDIUM] CWE-20 CVE-2015-0756: Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a denial of service (wireless-networking outage) via crafted TCP traffic on the local network, aka Bug ID CSCug67104.

CVE-2016-1460 Cisco Wireless LAN Controller Denial of Service Vulnerability CVE-2016-1460: Cisco Wireless LAN Controller Denial of Service Vulnerability A vulnerability in wireless frame management service of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient handling of wireless management frames. An attacker could exploit this vulnerability by sen

CVE-2018-0248 Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities CVE-2018-0248: Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities Multiple vulnerabilities in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a

CVE-2016-1362 Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability CVE-2016-1362: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the prese

CVE-2022-20695 Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability CVE-2022-20695: Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementatio

CVE-2018-0443 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability CVE-2018-0443: Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a

CVE-2018-0420 Cisco Wireless LAN Controller Software Directory Traversal Vulnerability CVE-2018-0420: Cisco Wireless LAN Controller Software Directory Traversal Vulnerability A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. An attacker could exploit this v

CVE-2018-0416 Cisco Wireless LAN Controller Software Information Disclosure Vulnerability CVE-2018-0416: Cisco Wireless LAN Controller Software Information Disclosure Vulnerability A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms in the web-based in

CVE-2018-0442 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability CVE-2018-0442: Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker t