CVE-2019-1675 – Cisco Aironet Active Sensor Static Credentials Vulnerability

https://notcve.org/view.php?id=CVE-2019-1675

07 Feb 2019 — A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. • http://www.securityfocus.com/bid/106944 • CWE-798: Use of Hard-coded Credentials •