Vulnerabilities > Cisco > Wireless LAN Controller Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-20268 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. | 4.7 |
| 2023-03-23 | CVE-2023-20056 | Unspecified vulnerability in Cisco products A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. | 5.5 |
| 2023-03-23 | CVE-2023-20097 | Command Injection vulnerability in Cisco products A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. | 6.7 |
| 2022-09-30 | CVE-2022-20769 | Out-of-bounds Write vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2021-09-23 | CVE-2021-1419 | Unspecified vulnerability in Cisco products A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. | 7.8 |
| 2021-03-24 | CVE-2021-1423 | Exposure of Resource to Wrong Sphere vulnerability in Cisco products A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. | 4.4 |
| 2021-03-24 | CVE-2021-1449 | Unspecified vulnerability in Cisco products A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. | 6.7 |
| 2021-03-24 | CVE-2021-1437 | Unspecified vulnerability in Cisco products A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. | 7.5 |
| 2019-11-26 | CVE-2019-15276 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 4.0 |
| 2019-10-16 | CVE-2019-15266 | Path Traversal vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. | 2.1 |