Cisco Issues an Advisory for WiFi Admin Software


Bug in the authentication code could give an intruder administrator access.

Cisco has issued a critical security advisory for its wireless LAN controller (WLC). This warning has a severity rating of 10.0 out of 10.0 — in other words, it is a five-alarm fire for Cisco devices running WLC software releases 8.10.151 to 8.10.162 with MAC filter RADIUS Compatibility mode set to Other . This bug appears in the MITRE database as CWE-303. Some of the devices affected by the bug include the 3504, 5520, and 8540 Cisco wireless controllers, as well as Cisco’s Virtual Wireless Controller (vWLC) and Mobility Express devices.

According to the advisory, an attacker who logs into the device with well crafted credentials could bypass the authentication mechanism and gain administrative access.  A patch for this bug is available now, and Cisco recommends patching immediately. If you aren’t able to patch right now, the company does provide some workarounds to better protect your system until you are able to patch.


Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=