Cisco Wireless Lan Controller Software vulnerabilities

84 known vulnerabilities affecting cisco/wireless_lan_controller_software.

Total CVEs: 84
CISA KEV: 0
Public exploits: 5
Exploited in wild: 0
Severity breakdown: CRITICAL 11, HIGH 32, MEDIUM 40, LOW 1

Vulnerabilities

Page 1 of 5
CVE-2024-20354 | HIGH | CVSS 7.4 | ≥ 8.5.171.0, < 8.6.0.0; ≥ 8.10.130.0, < 8.10.190.81 | 2024-03-27
CVE-2024-20354 [MEDIUM] CWE-460: A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit
nvd
CVE-2024-20271 | HIGH | CVSS 8.6 | fixed in 8.10.190.0 | 2024-03-27
CVE-2024-20271 [HIGH] CWE-20: A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 pac
nvd
CVE-2023-20268 | MEDIUM | CVSS 4.7 | fixed in 8.10.190.0 | 2023-09-27
CVE-2023-20268 [MEDIUM] CWE-400: A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a s
nvd
CVE-2023-20097 | MEDIUM | CVSS 6.7 | fixed in 8.10.183.0 | 2023-03-23
CVE-2023-20097 [MEDIUM] CWE-77: A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller
nvd
CVE-2023-20056 | MEDIUM | CVSS 5.5 | fixed in 8.10.183.0 | 2023-03-23
CVE-2023-20056 [MEDIUM] CWE-78: A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a devi
nvd
CVE-2022-20769 | MEDIUM | CVSS 6.5 | fixed in 8.10.171.0 | 2022-09-30
CVE-2022-20769 [HIGH] CWE-787: A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted pack
nvd
CVE-2021-1419 | HIGH | CVSS 7.8 | ≥ 8.10, < 8.10.151.0 | 2021-09-23
CVE-2021-1419 [HIGH] CWE-284: A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploi
nvd
CVE-2021-1437 | HIGH | CVSS 7.5 | ≥ 8.10.112.0, < 8.10.142.0 | 2021-03-24
CVE-2021-1437 [HIGH] CWE-275: A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sen
nvd
CVE-2021-1423 | MEDIUM | CVSS 4.4 | fixed in 8.5.171.0; ≥ 8.6, < 8.10.130.0 | 2021-03-24
CVE-2021-1423 [MEDIUM] CWE-668: A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted a
nvd
CVE-2021-1449 | MEDIUM | CVSS 6.7 | fixed in 8.5.171.0; ≥ 8.6, < 8.10.150.0 | 2021-03-24
CVE-2021-1449 [MEDIUM] CWE-284: A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that i
nvd
CVE-2020-3560 | HIGH | CVSS 8.6 | fixed in 8.5.161.0; ≥ 8.6, < 8.8.130.0 | 2020-09-24
CVE-2020-3560 [HIGH] CWE-400: A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific po
nvd
CVE-2019-15276 | MEDIUM | CVSS 6.5 | PoC | ≥ 8.4, < 8.10 | 2019-11-26
CVE-2019-15276 [MEDIUM] CWE-20: A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerabil
nvd
CVE-2019-15266 | MEDIUM | CVSS 4.4 | fixed in 8.10 | 2019-10-16
CVE-2019-15266 [MEDIUM] CWE-22: A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in command-line parameters that describe filenames. An attacker could exploit this vulnerability by using dire
nvd
CVE-2019-1797 | HIGH | CVSS 8.8 | fixed in 8.3.150.0; ≥ 8.5.131.0, < 8.5.150.0; +1 more | 2019-04-18
CVE-2019-1797 [HIGH] CWE-352: A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. The vulnerability is due to
nvd
CVE-2019-1800 | MEDIUM | CVSS 6.5 | ≥ 8.3, < 8.5.150.0; ≥ 8.6, < 8.8.100.0 | 2019-04-18
CVE-2019-1800 [MEDIUM] CWE-399: A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on fields within IAPP messages. An attacker could exploit
nvd
CVE-2019-1805 | MEDIUM | CVSS 4.3 | v8.3(141.0) | 2019-04-18
CVE-2019-1805 [MEDIUM] CWE-284: A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input- and validation-checking mechanisms for inbound SSH c
nvd
CVE-2019-1830 | MEDIUM | CVSS 4.9 | fixed in 8.3.150.0; ≥ 8.5.131.0, < 8.5.140.0; +1 more | 2019-04-18
CVE-2019-1830 [MEDIUM] CWE-20: A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. The attacker would need to have valid administrator credentials. The vulnerability is due to incorrec
nvd
CVE-2019-1799 | MEDIUM | CVSS 6.5 | ≥ 8.3.143.0, < 8.3.150.0; ≥ 8.5.103.0, < 8.5.131.0; +1 more | 2019-04-18
CVE-2019-1799 [MEDIUM] CWE-399: A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on fields within IAPP messages. An attacker could exploit
nvd
CVE-2019-1796 | MEDIUM | CVSS 6.5 | ≥ 8.3.143.0, < 8.5.150.0; ≥ 8.7.106.0, < 8.8.100.0 | 2019-04-18
CVE-2019-1796 [MEDIUM] CWE-399: A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists because the software improperly validates input on fields within IAPP messages. An attacker could exploit
nvd
CVE-2018-0382 | HIGH | CVSS 7.5 | v8.1(111.0); v8.5(120.0) | 2019-04-17
CVE-2018-0382 [MEDIUM] CWE-287: A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not properly clear previously assigned sessio
nvd