Cisco Aironet Access Point Software — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Aironet Access Point Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2017-3831 — CVSS 9.8 (critical): A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to…
CVE-2018-0234 — CVSS 8.6 (high): A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850…
CVE-2020-3560 — CVSS 8.6 (high): A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on…
CVE-2020-3559 — CVSS 8.6 (high): A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to…
CVE-2022-20622 — CVSS 8.6 (high): A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow…
CVE-2016-1419 — CVSS 8.1 (high): Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP…
CVE-2016-6362 — CVSS 7.8 (high): Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local…
CVE-2015-6367 — CVSS 7.8 (high): Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly…
CVE-2021-1437 — CVSS 7.5 (high): A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote…
CVE-2015-6320 — CVSS 7.5 (high): The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a…
CVE-2020-3552 — CVSS 7.4 (high): A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent…
CVE-2021-1439 — CVSS 7.4 (high): A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated…
CVE-2021-34740 — CVSS 7.4 (high): A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an…
CVE-2015-6336 — CVSS 7.3 (high): Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it…
CVE-2015-6315 — CVSS 7.2 (high): Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID…
CVE-2021-1449 — CVSS 6.7 (medium): A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at…
CVE-2023-20056 — CVSS 6.5 (medium): A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of…
CVE-2016-6361 — CVSS 6.5 (medium): The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0…
CVE-2016-6363 — CVSS 6.5 (medium): The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0…
CVE-2012-6026 — CVSS 6.1 (medium): The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote…
CVE-2018-0247 — CVSS 4.7 (medium): A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco…
CVE-2023-20097 — CVSS 4.6 (medium): A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute…
CVE-2021-1423 — CVSS 4.4 (medium): A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to…
CVE-2018-0249 — CVSS 4.3 (medium): A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros…
CVE-2016-9221 — CVSS 4.3 (medium): A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access…
CVE-2016-9220 — CVSS 4.3 (medium): A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could…
CVE-2018-0250 — CVSS 4.1 (medium): A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830…