VYPR

Aironet Access Point Software

by Cisco Systems, Inc.

CVEs (67)

  • CVE-2017-3834CriApr 6, 2017
    risk 0.64cvss 9.8epss 0.04

    A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device. The vulnerability is due to the existence of default…

  • CVE-2017-3831CriMar 15, 2017
    risk 0.64cvss 9.8epss 0.05

    A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of…

  • CVE-2016-1419HigJun 10, 2016
    risk 0.53cvss 8.1epss 0.01

    Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803.

  • CVE-2016-6362HigAug 22, 2016
    risk 0.51cvss 7.8epss 0.00

    Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.

  • CVE-2016-1418HigJun 8, 2016
    risk 0.51cvss 7.8epss 0.00

    Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037.

  • CVE-2017-3873HigMay 16, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges.…

  • CVE-2015-6320HigJan 15, 2016
    risk 0.49cvss 7.5epss 0.02

    The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138.

  • CVE-2015-6336HigJan 15, 2016
    risk 0.48cvss 7.3epss 0.01

    Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.

  • CVE-2016-9196MedApr 7, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The root Linux shell is provided for…

  • CVE-2016-6363MedAug 22, 2016
    risk 0.42cvss 6.5epss 0.01

    The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID…

  • CVE-2016-6361MedAug 22, 2016
    risk 0.42cvss 6.5epss 0.01

    The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID…

  • CVE-2024-20265MedMar 27, 2024
    risk 0.38cvss 5.9epss 0.00

    A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists…

  • CVE-2018-0247MedMay 2, 2018
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to…

  • CVE-2025-20365MedSep 24, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device. This vulnerability is due to a logic error in the processing of IPv6 RA…

  • CVE-2025-20364MedSep 24, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point (AP) Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due to insufficient…

  • CVE-2016-9221MedJan 26, 2017
    risk 0.28cvss 4.3epss 0.01

    A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability…

  • CVE-2016-9220MedJan 26, 2017
    risk 0.28cvss 4.3epss 0.00

    A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new…

  • CVE-2019-15260Oct 16, 2019
    risk 0.01cvss epss 0.03

    A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerability is due to insufficient access control for certain URLs on an affected…

  • CVE-2024-20271Mar 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4…

  • CVE-2024-20354Mar 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of…

Page 1 of 4