![]() ![]() An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition.Ī vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. ![]() This vulnerability is due to insufficient input validation of commands supplied by the user. A successful exploit could allow the attacker to gain full root access on the AP.Ī vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. A successful exploit could allow an attacker to create local user accounts with administrative privileges on an affected WLC and execute other commands that are not allowed from the CLI and should be prohibited.Ħ1 Aironet 1540, Aironet 1542d, Aironet 1542i and 58 moreĪ vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. An attacker could exploit this vulnerability by authenticating via TACACS to the GUI on the affected device. The vulnerability is due to incorrect parsing of a specific TACACS attribute received in the TACACS response from the remote TACACS server. 2 Wireless Lan Controller, Wireless Lan Controller SoftwareĪ vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI.
0 Comments
Leave a Reply. |