Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Aironet 1562d Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-20728 1 Cisco 52 Aironet 1542d, Aironet 1542d Firmware, Aironet 1542i and 49 more 2024-02-28 N/A 4.7 MEDIUM
A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.
CVE-2021-1419 1 Cisco 84 1100-8p, 1100-8p Firmware, 1120 and 81 more 2024-02-28 7.2 HIGH 7.8 HIGH
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
CVE-2020-26140 5 Alfa, Arista, Cisco and 2 more 388 Awus036h, Awus036h Firmware, C-100 and 385 more 2024-02-28 3.3 LOW 6.5 MEDIUM
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-3261 1 Cisco 34 6300 Series Access Points, 6300 Series Access Points Firmware, Aironet 1542d and 31 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user with an active session on an affected device to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions, including modifying the configuration, with the privilege level of the user.