Vulnerabilities > Cisco > Wap125 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-1401 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device.
network
low complexity
cisco CWE-78
7.2
2018-08-15 CVE-2018-0415 7PK - Errors vulnerability in Cisco products
A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
low complexity
cisco CWE-388
6.8
2018-08-15 CVE-2018-0412 Unspecified vulnerability in Cisco products
A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of the encryption algorithm that is used between an authenticator (access point) and a supplicant (Wi-Fi client).
high complexity
cisco
5.3