A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NCisco 1100 Integrated Services Router
HWCiscowszystkie wersjeCisco Aironet 1540
HWCiscowszystkie wersjeCisco Aironet 1560
HWCiscowszystkie wersjeCisco Aironet 1800
HWCiscowszystkie wersjeCisco Aironet 2800
HWCiscowszystkie wersjeCisco Aironet 3800
HWCiscowszystkie wersjeCisco Aironet 4800
HWCiscowszystkie wersjeCisco Aironet Access Point Software
APPCiscowszystkie wersjeCisco Catalyst 9100
HWCiscowszystkie wersjeCisco Catalyst 9800
HWCiscowszystkie wersjeCisco Catalyst 9800 Firmware
OSCisco17.1 – 17.3.3 (bez)Cisco Catalyst Iw6300
HWCiscowszystkie wersjeCisco Esw6300
HWCiscowszystkie wersjeCisco Wireless Lan Controller Software
APPCisco8.10.112.0 – 8.10.142.0 (bez)
Related vulnerabilities
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability tha...
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allo...
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisc...
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote ...
A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker ...