cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20418,https://securityvulnerability.io/vulnerability/CVE-2024-20418,Command Injection Vulnerability in Cisco Unified Industrial Wireless Software Could Allow Remote Root Access,"A critical flaw has been identified in the web-based management interface of Cisco Unified Industrial Wireless Software, specifically impacting Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. This vulnerability arises from inadequate input validation within the management interface, allowing an unauthenticated remote attacker to initiate command injection attacks. By sending specially crafted HTTP requests, an attacker could gain root privileges over the underlying operating system of the affected devices. This exposure significantly increases the risk of unauthorized access and manipulation of the device, potentially leading to widespread security breaches.",Cisco,Cisco Aironet Access Point Software (iOS Xe Controller),10,CRITICAL,0.0004299999854993075,false,true,false,true,,true,false,2024-11-06T17:15:00.000Z,4678
CVE-2024-20271,https://securityvulnerability.io/vulnerability/CVE-2024-20271,Cisco Access Point Software Vulnerability Could Lead to Denial of Service,"A vulnerability in the IP packet processing of Cisco Access Point Software allows an unauthenticated, remote attacker to exploit specific weaknesses in input validation of IPv4 packets. By sending specially crafted IPv4 packets to or through an affected device, an attacker can induce an unexpected reload of the device, resulting in a denial of service (DoS) condition. Importantly, exploitation does not require the attacker to be associated with the access point, making this a significant risk to network availability.
This issue does not affect IPv6 packet processing.",Cisco,"Cisco Aironet Access Point Software,Cisco Business Wireless Access Point Software,Cisco Aironet Access Point Software (iOS Xe Controller)",8.6,HIGH,0.0004299999854993075,false,false,false,true,,false,false,2024-03-27T17:05:27.473Z,0
CVE-2024-20265,https://securityvulnerability.io/vulnerability/CVE-2024-20265,Unauthenticated Attacker Could Bypass Cisco Secure Boot Validation and Load Tampered Image on Affected Device,"A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this vulnerability by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation checks and load an image that has been tampered with. This image would have been previously downloaded onto the targeted device. A successful exploit could allow the attacker to load the image once. The Cisco Secure Boot functionality is not permanently compromised.",Cisco,"Cisco iOS Xe Software,Cisco Aironet Access Point Software,Cisco Business Wireless Access Point Software,Cisco Aironet Access Point Software (iOS Xe Controller)",5.9,MEDIUM,0.0004299999854993075,false,false,false,true,,false,false,2024-03-27T17:03:54.505Z,0
CVE-2024-20354,https://securityvulnerability.io/vulnerability/CVE-2024-20354,Cisco Aironet AP Software Vulnerability Could Lead to Denial of Service,"A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames.
An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.",Cisco,"Cisco Aironet Access Point Software,Cisco Aironet Access Point Software (ios Xe Controller)",4.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-03-27T16:47:04.924Z,0
CVE-2023-20176,https://securityvulnerability.io/vulnerability/CVE-2023-20176,Networking Component Vulnerability in Cisco Access Point Software,"A vulnerability in the networking component of Cisco access point software allows unauthenticated remote attackers to cause temporary service disruption. By connecting to the access point as a wireless client and transmitting excessive traffic for a prolonged duration, the attacker can exploit this weakness. This leads to the tearing down and resetting of the Datagram TLS (DTLS) session, ultimately resulting in a denial of service condition.",Cisco,"Cisco Aironet Access Point Software,Cisco Aironet Access Point Software (IOS XE Controller)",8.6,HIGH,0.001180000021122396,false,false,false,false,,false,false,2023-09-27T18:15:00.000Z,0
CVE-2023-20268,https://securityvulnerability.io/vulnerability/CVE-2023-20268,Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability,"A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device.
A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.",Cisco,"Cisco Aironet Access Point Software,Cisco Aironet Access Point Software (iOS Xe Controller),Cisco Business Wireless Access Point Software",4.7,MEDIUM,0.0004400000034365803,false,false,false,true,,false,false,2023-09-27T18:15:00.000Z,0
CVE-2023-20097,https://securityvulnerability.io/vulnerability/CVE-2023-20097,Cisco Access Point Software Command Injection Vulnerability,"A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.",Cisco,Cisco Aironet Access Point Software,4.6,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2023-03-23T00:00:00.000Z,0
CVE-2023-20112,https://securityvulnerability.io/vulnerability/CVE-2023-20112,Cisco Access Point Software Association Request Denial of Service Vulnerability,"A vulnerability in the Cisco Access Point software allows unauthenticated adjacent attackers to trigger a denial of service (DoS) condition. This issue arises from inadequate validation of certain parameters within 802.11 association request frames. An attacker can exploit this vulnerability by sending a specially crafted wireless 802.11 association request to the affected device, potentially leading to an unexpected reload and subsequent DoS condition.
For more details, refer to the Cisco Security Advisory.",Cisco,Cisco Aironet Access Point Software,7.4,HIGH,0.0005000000237487257,false,false,false,true,,false,false,2023-03-23T00:00:00.000Z,0
CVE-2023-20056,https://securityvulnerability.io/vulnerability/CVE-2023-20056,Cisco Access Point Software Denial of Service Vulnerability,"A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition.",Cisco,Cisco Aironet Access Point Software,6.5,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2023-03-23T00:00:00.000Z,0
CVE-2022-20945,https://securityvulnerability.io/vulnerability/CVE-2022-20945,Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability,"A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain parameters within association request frames received by the AP. An attacker could exploit this vulnerability by sending a crafted 802.11 association request to a nearby device.
An exploit could allow the attacker to unexpectedly reload the device, resulting in a DoS condition.",Cisco,Cisco Aironet Access Point Software (iOS Xe Controller),7.4,HIGH,0.0005000000237487257,false,false,false,true,,false,false,2022-09-30T19:15:00.000Z,0
CVE-2022-20728,https://securityvulnerability.io/vulnerability/CVE-2022-20728,Cisco Access Points VLAN Bypass from Native VLAN Vulnerability,"A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.",Cisco,Cisco Aironet Access Point Software (iOS Xe Controller),4.7,MEDIUM,0.0004799999878741801,false,false,false,true,,false,false,2022-09-30T19:15:00.000Z,0
CVE-2022-20622,https://securityvulnerability.io/vulnerability/CVE-2022-20622,Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability,"A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface.
An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.",Cisco,Cisco Aironet Access Point Software,8.6,HIGH,0.0015899999998509884,false,false,false,true,,false,false,2022-04-13T00:00:00.000Z,0
CVE-2021-34740,https://securityvulnerability.io/vulnerability/CVE-2021-34740,Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability,"A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.",Cisco,Cisco Aironet Access Point Software,7.4,HIGH,0.0005799999926239252,false,false,false,true,,false,false,2021-09-23T03:15:00.000Z,0
CVE-2021-1449,https://securityvulnerability.io/vulnerability/CVE-2021-1449,Cisco Access Point Software Arbitrary Code Execution Vulnerability,"A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploit this vulnerability by modifying a specific file that is stored on the system, which would allow the attacker to bypass existing protections.
A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. Note: To exploit this vulnerability, the attacker would need to have access to the development shell (devshell) on the device.",Cisco,Cisco Aironet Access Point Software,6.7,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2021-03-24T00:00:00.000Z,0
CVE-2021-1439,https://securityvulnerability.io/vulnerability/CVE-2021-1439,Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability,"A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition.",Cisco,Cisco Aironet Access Point Software (iOS Xe Controller),7.4,HIGH,0.0005799999926239252,false,false,false,true,,false,false,2021-03-24T00:00:00.000Z,0
CVE-2021-1437,https://securityvulnerability.io/vulnerability/CVE-2021-1437,Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability,"A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration.
An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP).",Cisco,Cisco Aironet Access Point Software,7.5,HIGH,0.002369999885559082,false,false,false,true,,false,false,2021-03-24T00:00:00.000Z,0
CVE-2021-1423,https://securityvulnerability.io/vulnerability/CVE-2021-1423,Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability,"A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.",Cisco,Cisco Aironet Access Point Software,4.4,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2021-03-24T00:00:00.000Z,0
CVE-2020-3552,https://securityvulnerability.io/vulnerability/CVE-2020-3552,Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability,"A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame.
A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.",Cisco,Cisco Aironet Access Point Software,7.4,HIGH,0.0005799999926239252,false,false,false,true,,false,false,2020-09-24T00:00:00.000Z,0
CVE-2020-3559,https://securityvulnerability.io/vulnerability/CVE-2020-3559,Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability,"A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.",Cisco,Cisco Aironet Access Point Software,6.8,MEDIUM,0.0015999999595806003,false,false,false,true,,false,false,2020-09-24T00:00:00.000Z,0
CVE-2020-3560,https://securityvulnerability.io/vulnerability/CVE-2020-3560,Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability,"A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition.
After the attack, the affected device should automatically recover its normal functions without manual intervention.",Cisco,Cisco Aironet Access Point Software,8.6,HIGH,0.0015999999595806003,false,false,false,true,,false,false,2020-09-24T00:00:00.000Z,0
CVE-2020-3260,https://securityvulnerability.io/vulnerability/CVE-2020-3260,Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability,"A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An attacker could exploit this vulnerability by sending a large number of sustained client packets to the affected AP. A successful exploit could allow the attacker to cause the affected AP to crash, resulting in a DoS condition.",Cisco,Cisco Aironet Access Point Software,7.4,HIGH,0.0005799999926239252,false,false,false,true,,false,false,2020-04-15T00:00:00.000Z,0
CVE-2020-3262,https://securityvulnerability.io/vulnerability/CVE-2020-3262,Cisco Wireless LAN Controller CAPWAP Denial of Service Vulnerability,"A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device.
A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.",Cisco,Cisco Aironet Access Point Software,8.6,HIGH,0.0015899999998509884,false,false,false,true,,false,false,2020-04-15T00:00:00.000Z,0
CVE-2019-15264,https://securityvulnerability.io/vulnerability/CVE-2019-15264,Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability,"A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource management during CAPWAP message processing. An attacker could exploit this vulnerability by sending a high volume of legitimate wireless management frames within a short time to an affected device. A successful exploit could allow the attacker to cause a device to restart unexpectedly, resulting in a DoS condition for clients associated with the AP.",Cisco,Cisco Aironet Access Point Software,7.4,HIGH,0.0005799999926239252,false,false,false,true,,false,false,2019-10-16T00:00:00.000Z,0
CVE-2019-15265,https://securityvulnerability.io/vulnerability/CVE-2019-15265,Cisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service Vulnerability,"A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from specific wireless clients are forwarded incorrectly. An attacker could exploit this vulnerability on the wireless network by sending a steady stream of crafted BPDU frames.
A successful exploit could allow the attacker to cause a limited denial of service (DoS) attack because an AP port could go offline.",Cisco,Cisco Aironet Access Point Software,7.4,HIGH,0.0005799999926239252,false,false,false,true,,false,false,2019-10-16T00:00:00.000Z,0
CVE-2019-15260,https://securityvulnerability.io/vulnerability/CVE-2019-15260,Cisco Aironet Access Points Unauthorized Access Vulnerability,"A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected device. An attacker could exploit this vulnerability by requesting specific URLs from an affected AP. An exploit could allow the attacker to gain access to the device with elevated privileges. While the attacker would not be granted access to all possible configuration options, it could allow the attacker to view sensitive information and replace some options with values of their choosing, including wireless network configuration. It would also allow the attacker to disable the AP, creating a denial of service (DoS) condition for clients associated with the AP.",Cisco,Cisco Aironet Access Point Software,9.8,CRITICAL,0.003700000001117587,false,false,false,true,,false,false,2019-10-16T00:00:00.000Z,0