Cisco Issues an Advisory for WiFi Admin Software
Cisco has issued a critical security advisory for its wireless LAN controller (WLC). This warning has a severity rating of 10.0 out of 10.0 — in other words, it is a five-alarm fire for Cisco devices running WLC software releases 8.10.151 to 8.10.162 with MAC filter RADIUS Compatibility mode set to Other . This bug appears in the MITRE database as CWE-303. Some of the devices affected by the bug include the 3504, 5520, and 8540 Cisco wireless controllers, as well as Cisco’s Virtual Wireless Controller (vWLC) and Mobility Express devices.
According to the advisory, an attacker who logs into the device with well crafted credentials could bypass the authentication mechanism and gain administrative access. A patch for this bug is available now, and Cisco recommends patching immediately. If you aren’t able to patch right now, the company does provide some workarounds to better protect your system until you are able to patch.
Related content
- Remote Code Execution Vulnerability Found in Cisco
- Vulnerabilities Found in Cisco Routers
-
News for Admins
One Spectre/Meltdown Flaw for Every Day of the Week, Bleedingbit: Two New Bluetooth Vulnerabilities, Intel Chips Smashed by PortSmash, Oracle Goes Cloud Native
-
News for Admins
Meltdown and Spectre revisit Intel, AMD, and ARM processors, Orangeworm, a new hacking group, targets the healthcare industry, Docker EE 2.0 announced, Remote code execution vulnerability found in Cisco - Bleedingbit: Two New Bluetooth Vulnerabilities
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
