CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2017-3854
https://notcve.org/view.php?id=CVE-2017-3854
15 Mar 2017 — A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control... • http://www.securityfocus.com/bid/96911 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2013-1235
https://notcve.org/view.php?id=CVE-2013-1235
04 May 2013 — Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507. Cisco Wireless LAN Controller (WLC) no gestiona adecuadamente el consumo de recursos de las sesiones TELNET terminadas, lo que permite a atacantes remotos provocar una denegación de servicio haciendo muchas conexion... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1235 •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 0CVE-2013-1103
https://notcve.org/view.php?id=CVE-2013-1103
24 Jan 2013 — Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659. Cisco Wireless LAN Controller (WLC) son software v7.0 anterior a v7.0.220.0, v7.1 anterior a v7.1.91.0, y v7.2 anterior a v7.2.103.0 permite a atacantes remotos generar una denegación de servicio (reinicio del punto de acceso) mediante paquetes SIP especialmente d... • http://osvdb.org/89530 •
CVSS: 9.0EPSS: 1%CPEs: 9EXPL: 0CVE-2013-1104
https://notcve.org/view.php?id=CVE-2013-1104
24 Jan 2013 — The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636. La funcionalidad de perfiles HTTP en Cisco Wireless LAN Controller (WLC) de los dispositivos con software v7.3.101.0 permite a usuarios remotos autenticados ejecutar código arbitrario a través de una cabecera manipulada HTTP User-Agent, también conocido como Bug ID CSCuc15636. • http://osvdb.org/89533 •
CVSS: 9.0EPSS: 0%CPEs: 14EXPL: 0CVE-2013-1105
https://notcve.org/view.php?id=CVE-2013-1105
24 Jan 2013 — Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management settings and read or modify the device configuration via an SNMP request, aka Bug ID CSCua60653. Dispositivos Cisco Wireless LAN Controller (WLC) con software v7.0 anterior a v7.0.235.3, v7.1 y v7.2 anterior a v7.2.111.3, y v7.3 anterior a v7.3.101.0, permite a usuarios remotos autentificados saltarse las configu... • http://osvdb.org/89532 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2013-1102
https://notcve.org/view.php?id=CVE-2013-1102
24 Jan 2013 — The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743. El sistema de prevención de intrusiones inalámbricas (WIPS) de Cisco Wireless LAN Controller (WLC) de los dispositivos con software v7.0 antes de v7.0.235.0, v7.1 y v7.2 antes de v7.2.110.0 y v7.3 ant... • http://secunia.com/advisories/51965 •
CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 2CVE-2012-6007 – Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-6007
19 Dec 2012 — Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en screens/base/web_auth_custom.html en dispositivos Cisco Wireless LAN Controller (WLC) con software v7.2.110.0 permite a u... • https://www.exploit-db.com/exploits/23361 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 2CVE-2012-5991 – Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-5991
19 Dec 2012 — screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209. screens/base/web_auth_custom.html en dispositivos Cisco Wireless LAN Controller (WLC) con software v7.2.110.0 permiten a usuarios remotos autenticados causar una denegación de servicio (reinicio del dispositivo) a través de un cierto ... • https://www.exploit-db.com/exploits/23361 •
CVSS: 9.6EPSS: 0%CPEs: 9EXPL: 2CVE-2012-5992 – Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-5992
19 Dec 2012 — Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) insert XSS sequences via the headline parameter to screens/base/web_auth_custom.html, aka Bug ID CSCud50283. Múltiples vulnerabilidades de falsificación de peticiones en sitios cruzados (CSRF) en dispositivos Cisco Wir... • https://www.exploit-db.com/exploits/23361 • CWE-352: Cross-Site Request Forgery (CSRF) •