CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20418 – Cisco Ultra-Reliable Wireless Backhaul Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-20418
06 Nov 2024 — A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system. This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management int... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.6EPSS: 0%CPEs: 235EXPL: 0CVE-2024-20271
https://notcve.org/view.php?id=CVE-2024-20271
27 Mar 2024 — A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 0%CPEs: 171EXPL: 0CVE-2024-20265
https://notcve.org/view.php?id=CVE-2024-20265
27 Mar 2024 — A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this vulnerability by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation che... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-secureboot-bypass-zT5vJkSD • CWE-501: Trust Boundary Violation •
CVSS: 6.5EPSS: 0%CPEs: 64EXPL: 0CVE-2023-20056 – Cisco Access Point Software Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20056
23 Mar 2023 — A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resu... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.7EPSS: 0%CPEs: 64EXPL: 0CVE-2023-20097 – Cisco Access Point Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20097
23 Mar 2023 — A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 4.7EPSS: 0%CPEs: 52EXPL: 0CVE-2022-20728 – Cisco Access Points VLAN Bypass from Native VLAN Vulnerability
https://notcve.org/view.php?id=CVE-2022-20728
30 Sep 2022 — A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the clien... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-20622 – Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20622
15 Apr 2022 — A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit thi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 34EXPL: 0CVE-2022-20695 – Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-20695
15 Apr 2022 — A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0CVE-2021-1419 – Cisco Access Points SSH Management Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1419
23 Sep 2021 — A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv • CWE-284: Improper Access Control •
CVSS: 7.4EPSS: 0%CPEs: 73EXPL: 0CVE-2021-34740 – Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34740
23 Sep 2021 — A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A succ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-pktleak-dos-uSTyGrL • CWE-401: Missing Release of Memory after Effective Lifetime •