Vulnerabilities > Cisco > Aironet 1800 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
2.6
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-26139 Improper Authentication vulnerability in multiple products
An issue was discovered in the kernel in NetBSD 7.1.
5.3
2021-05-11 CVE-2020-26140 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
6.5
2019-10-16 CVE-2019-15265 Improper Input Validation vulnerability in Cisco products
A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state.
low complexity
cisco CWE-20
6.5
2019-10-16 CVE-2019-15260 Unspecified vulnerability in Cisco products
A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges.
network
low complexity
cisco
critical
9.8
2017-11-02 CVE-2017-12281 Improper Authentication vulnerability in Cisco products
A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an unauthenticated, adjacent attacker to bypass authentication and connect to an affected device.
high complexity
cisco CWE-287
7.5