Cisco » Wireless Lan Controller Software : Security Vulnerabilities, CVEs, Published In 2018 (Directory traversal)
A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. A successful exploit could allow the attacker to view system files on the targeted device, which may contain sensitive information.
Max CVSS
6.5
EPSS Score
0.14%
Published
2018-10-17
Updated
2023-02-03
1 vulnerabilities found