News Stay informed about the latest enterprise technology news and product updates.

Cisco corrects serious Wireless LAN flaws

Several denial-of-service vulnerabilities and a privilege escalation flaw affects a wide range of Cisco Wireless LAN controllers, the networking giant warned.

Cisco Systems Inc. addressed several serious vulnerabilities in its Wireless LAN controllers that could be exploited by attackers to cause a denial-of-service (DoS) condition.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

In a Cisco advisory released Wednesday, the networking giant said two DoS vulnerabilities affect software versions 4.2 and later on all its wireless platforms. A third DoS flaw affects versions 4.1 and later on Cisco 4400 series, 6500/7600 series and 3750 series wireless LAN controllers.

Cisco said an attacker could use a vulnerability scanner to make the LAN controller stop servicing Web authentication or cause the device to reload. An attacker can trigger the device to reload by sending certain IP packets or a malformed post to the Web authentication "login.html" page, Cisco said. The highest Common Vulnerability Scoring System (CVSS) rating was a 7.8.

In addition, Cisco warned that a privilege escalation vulnerability affects software version A successful exploit could give a restricted user the ability to gain full administrative rights on an affected system, Cisco said. The flaw was given a CVSS base score of 9 since it would give a user complete control of a system.

Dig Deeper on Wireless network security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.