Back to CVE Browser

CVE-2007-5382

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0190%

EPSS Percentile23.72th

PublishedOct 12, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.

Affected Platforms (CPE)

📦

Cisco

Wireless Lan Solution Engine

<= 4.1.91.0

🔌

Cisco

Wireless Control System

= 4.1.91.0

References & Advisories

🔗 http://osvdb.org/37936

🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml

🔗 http://www.securityfocus.com/bid/26000

🔗 http://www.securitytracker.com/id?1018797

🔗 http://www.vupen.com/english/advisories/2007/3456

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/37053

🔗 http://osvdb.org/37936

🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml

Related Vulnerabilities

CVE-2004-039110.0

Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded use...

CVE-2006-19617.5

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registra...

CVE-2006-19605.8

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLS...

CVE-2007-14673.5

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control S...