CVE-2018-0248— Cisco Wireless LAN Controller(WLC)Software 输入验证错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2018-0248の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid administrator credentials on the device. This vulnerability is due to incomplete input validation for unexpected configuration options that the attacker could submit while accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted user input when using the administrative GUI configuration feature. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Software versions prior to 8.3.150.0, 8.5.140.0, 8.8.111.0 are affected by this vulnerability.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
输入验证不恰当
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco Wireless LAN Controller(WLC)Software 输入验证错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco Wireless LAN Controller(WLC)Software是美国思科(Cisco)公司的一套用于配置和管理WLC(无线局域网控制器)的软件。 Cisco WLC Software 8.3.150.0之前版本、8.5.140.0之前版本和8.8.111.0之前版本中的管理GUI配置功能存在输入验证错误漏洞,该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Cisco | Cisco Wireless LAN Controller (WLC) | unspecified ~ 8.3.150.0 | - |
II. CVE-2018-0248の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2018-0248のインテリジェンス情報
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-wlc-guivendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2018-0248
Same Patch Batch · Cisco · 2019-04-17 · 8 CVEs total
| CVE-2018-0382 | Cisco Wireless LAN Controller Software Session Hijacking Vulnerability | |
| CVE-2019-1654 | Cisco Aironet Series Access Points Development Shell Access Vulnerability | |
| CVE-2019-1710 | Cisco IOS XR 64-Bit Software for Cisco ASR 9000 Series Aggregation Services Routers Networ | |
| CVE-2019-1686 | Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability | |
| CVE-2019-1711 | Cisco IOS XR gRPC Software Denial of Service Vulnerability | |
| CVE-2019-1718 | Cisco Identity Services Engine SSL Renegotiation Denial of Service Vulnerability | |
| CVE-2019-1712 | Cisco IOS XR Software Protocol Independent Multicast Denial of Service Vulnerability |
IV. 関連脆弱性
- CVE-2023-20251
Cisco Wireless LAN Controller 缓冲区错误漏洞 - CVE-2022-20769
Cisco Wireless LAN Controller AireOS Software FIPS Mode Deni - CVE-2022-20695
Cisco Wireless LAN Controller Management Interface Authentic - CVE-2021-1419
Cisco Access Points SSH Management Privilege Escalation Vuln - CVE-2020-3492
Cisco IOS XE Software for Catalyst 9800 Series and Cisco Air
同じベンダー: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
V. CVE-2018-0248へのコメント
まだコメントはありません