Skip to main content

Wireless Lan Controller Software

68 CVEs product

Monthly

CVE-2024-20354 HIGH This Week

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Ios Xe
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2024-20271 HIGH This Week

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Ios Xe Business Access Points Wireless Lan Controller Software
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2023-20268 MEDIUM This Month

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.  This. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Catalyst 9800 Embedded Wireless Controller Firmware Business 150Ax Firmware +1
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-20097 MEDIUM This Month

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Wireless Lan Controller Software Aironet Access Point Software Ios Xe
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-20056 MEDIUM This Month

A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Command Injection Wireless Lan Controller Software Aironet Access Point Software +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-20769 MEDIUM This Month

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Cisco Denial Of Service Buffer Overflow Wireless Lan Controller Software
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-1419 HIGH PATCH This Week

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Cisco Authentication Bypass Aironet 1542D Firmware Aironet 1562D Firmware Aironet 1815M Firmware +38
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1423 MEDIUM This Month

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Aironet Access Point Software Catalyst 9800 Firmware Wireless Lan Controller Software
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-1449 MEDIUM This Month

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Aironet Access Point Software Catalyst 9800 Firmware Wireless Lan Controller Software
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-1437 HIGH This Week

A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Aironet Access Point Software Catalyst 9800 Firmware Wireless Lan Controller Software
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-3560 HIGH This Week

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Wireless Lan Controller Software Business Access Points +2
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2019-15276 MEDIUM POC THREAT This Month

A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
46.3%
CVE-2019-15266 MEDIUM This Month

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
4.4
EPSS
0.7%
CVE-2019-1830 MEDIUM This Month

A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
4.9
EPSS
1.2%
CVE-2019-1805 MEDIUM This Month

A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2019-1800 MEDIUM This Month

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Wireless Lan Controller Software
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2019-1799 MEDIUM This Month

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Wireless Lan Controller Software
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-1797 HIGH This Week

A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Wireless Lan Controller Software
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-1796 MEDIUM This Month

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Wireless Lan Controller Software
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2018-0443 HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2018-0442 HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2018-0420 MEDIUM This Month

A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
6.5
EPSS
4.6%
CVE-2018-0417 HIGH This Week

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Wireless Lan Controller Software Wireless Lan Controller
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2018-15395 MEDIUM This Month

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-0416 MEDIUM This Month

A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
5.3
EPSS
2.5%
CVE-2018-0388 MEDIUM This Month

A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
4.8
EPSS
1.0%
CVE-2018-0252 HIGH This Week

A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
8.6
EPSS
2.5%
CVE-2018-0247 MEDIUM This Month

A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple Wireless Lan Controller Software Aironet Access Point Software
NVD
CVSS 3.0
4.7
EPSS
0.9%
CVE-2018-0245 MEDIUM This Month

A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
5.3
EPSS
2.3%
CVE-2018-0235 HIGH This Week

A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2017-12282 MEDIUM This Month

A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12280 HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) Discovery Request parsing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-12278 MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart,. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
6.3
EPSS
0.8%
CVE-2017-12275 HIGH This Week

A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
7.4
EPSS
0.3%
CVE-2016-9219 HIGH This Week

A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Firmware Wireless Lan Controller Software
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-3854 HIGH This Week

A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Wireless Lan Controller Firmware Wireless Lan Controller Software
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2016-6375 MEDIUM This Month

Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller Software 6 0 Wireless Lan Controller Software 7 0 +3
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-1460 MEDIUM This Month

Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220.385) allow remote attackers to cause a denial of service via crafted wireless management frames, aka Bug ID CSCun92979. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-1364 HIGH This Week

Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8.0.110.0(ED) allows remote attackers to cause a denial of service (device reload) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-1363 CRITICAL Act Now

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.6% and no vendor patch available.

Cisco RCE Buffer Overflow Wireless Lan Controller Software
NVD
CVSS 3.1
9.8
EPSS
11.6%
CVE-2015-6314 CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Wireless Lan Controller Software
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2015-6341 MEDIUM This Month

The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8.0(120.0) allows remote attackers to cause a denial of service (client disconnection) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Denial Of Service Wireless Lan Controller Software
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-6302 MEDIUM This Month

The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Software
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-6258 MEDIUM This Month

The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Software
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-4224 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Wireless Lan Controller Software
NVD
CVSS 2.0
7.2
EPSS
0.2%
CVE-2015-4215 MEDIUM This Month

Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
CVSS 2.0
6.1
EPSS
0.5%
CVE-2015-0726 MEDIUM This Month

The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
CVSS 2.0
6.8
EPSS
0.6%
CVE-2015-0723 MEDIUM This Month

The wireless web-authentication subsystem on Cisco Wireless LAN Controller (WLC) devices 7.5.x and 7.6.x before 7.6.120 allows remote attackers to cause a denial of service (process crash and device. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
CVSS 2.0
6.1
EPSS
0.5%
CVE-2015-0690 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HTML help system on Cisco Wireless LAN Controller (WLC) devices before 8.0 allows remote attackers to inject arbitrary web script or HTML via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Wireless Lan Controller Software
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0679 MEDIUM This Month

The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
CVSS 2.0
6.1
EPSS
0.4%
CVE-2014-0707 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2014-0706 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2014-0705 HIGH This Week

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.1
EPSS
0.4%
CVE-2014-0704 HIGH This Week

The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.1
EPSS
0.4%
CVE-2014-0703 CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Apple Cisco Wireless Lan Controller Software +1
NVD VulDB
CVSS 2.0
10.0
EPSS
0.9%
CVE-2014-0701 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-1141 MEDIUM This Month

The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Wireless Lan Controller Software Wireless Lan Controller
NVD
CVSS 2.0
6.1
EPSS
0.2%
CVE-2013-1105 CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +4
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2013-1104 CRITICAL Act Now

The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco 2000 Wireless Lan Controller 2100 Wireless Lan Controller 2500 Wireless Lan Controller +6
NVD
CVSS 2.0
9.0
EPSS
1.2%
CVE-2013-1103 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +6
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2013-1102 HIGH This Week

The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +6
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2012-6007 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Cisco XSS Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +6
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.5%
CVE-2012-5992 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF XSS Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller +7
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2012-5991 MEDIUM POC THREAT This Month

screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 14.1%.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +6
NVD Exploit-DB
CVSS 2.0
6.3
EPSS
14.1%
CVE-2012-0371 CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +10
NVD
CVSS 2.0
9.3
EPSS
0.5%
CVE-2012-0370 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +10
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2012-0369 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +10
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2012-0368 HIGH This Week

The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +10
NVD
CVSS 2.0
7.8
EPSS
0.4%
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Ios Xe +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.  This. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Wireless Lan Controller Software +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Command Injection +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Cisco Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Cisco Authentication Bypass Aironet 1542D Firmware +40
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Aironet Access Point Software +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Aironet Access Point Software +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Aironet Access Point Software +2
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller +4
NVD
EPSS 46% CVSS 6.5
MEDIUM POC THREAT This Month

A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD Exploit-DB
EPSS 1% CVSS 4.4
MEDIUM This Month

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Wireless Lan Controller Software
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Wireless Lan Controller Software
NVD
EPSS 5% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Wireless Lan Controller Software
NVD
EPSS 3% CVSS 7.8
HIGH This Week

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Wireless Lan Controller Software +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Wireless Lan Controller Software
NVD
EPSS 3% CVSS 5.3
MEDIUM This Month

A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Wireless Lan Controller Software
NVD
EPSS 2% CVSS 8.6
HIGH This Week

A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple +2
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) Discovery Request parsing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +1
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart,. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +1
NVD
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Wireless Lan Controller Firmware +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +5
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220.385) allow remote attackers to cause a denial of service via crafted wireless management frames, aka Bug ID CSCun92979. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8.0.110.0(ED) allows remote attackers to cause a denial of service (device reload) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
EPSS 12% CVSS 9.8
CRITICAL Act Now

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.6% and no vendor patch available.

Cisco RCE Buffer Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Wireless Lan Controller Software
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8.0(120.0) allows remote attackers to cause a denial of service (client disconnection) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Denial Of Service +1
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Software
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Software
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Wireless Lan Controller Software
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The wireless web-authentication subsystem on Cisco Wireless LAN Controller (WLC) devices 7.5.x and 7.6.x before 7.6.120 allows remote attackers to cause a denial of service (process crash and device. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HTML help system on Cisco Wireless LAN Controller (WLC) devices before 8.0 allows remote attackers to inject arbitrary web script or HTML via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Wireless Lan Controller Software
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +1
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +1
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software +1
NVD VulDB
EPSS 1% CVSS 10.0
CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Apple +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +2
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Wireless Lan Controller Software +6
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Cisco 2000 Wireless Lan Controller +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software +8
NVD
EPSS 3% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Cisco XSS Wireless Lan Controller Software +8
NVD Exploit-DB
EPSS 1% CVSS 6.8
MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF XSS Cisco +9
NVD Exploit-DB
EPSS 14% CVSS 6.3
MEDIUM POC THREAT This Month

screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 14.1%.

Denial Of Service Cisco Wireless Lan Controller Software +8
NVD Exploit-DB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cisco Wireless Lan Controller Software +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software +12
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy