CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-5382

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0190%
EPSS Percentile23.72th
Published2007年10月12日
Last Modified2026年4月23日

Vulnerability Description

The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.

Affected Platforms (CPE)

📦
Cisco

Wireless Lan Solution Engine

<= 4.1.91.0
🔌
Cisco

Wireless Control System

= 4.1.91.0

References & Advisories

🔗 http://osvdb.org/37936
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml
🔗 http://www.securityfocus.com/bid/26000
🔗 http://www.securitytracker.com/id?1018797
🔗 http://www.vupen.com/english/advisories/2007/3456
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/37053
🔗 http://osvdb.org/37936
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml

相關漏洞威脅

CVE-2004-039110.0

Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded use...

CVE-2006-19617.5

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registra...

CVE-2006-19605.8

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLS...

CVE-2007-14673.5

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control S...