This page lists publicly disclosed CVE vulnerabilities affecting cisco 4100_wireless_lan_controller (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2013-1235 | Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507. | [email protected] | 5.0 | 0.47% | 2013-05-04 | 2026-04-29 |
| CVE-2013-1104 | The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636. | [email protected] | 9.0 | 1.18% | 2013-01-24 | 2026-04-29 |
| CVE-2013-1103 | Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659. | [email protected] | 7.8 | 0.71% | 2013-01-24 | 2026-04-29 |
| CVE-2013-1102 | The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743. | [email protected] | 7.8 | 0.64% | 2013-01-24 | 2026-04-29 |
| CVE-2012-6007 | Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992. | [email protected] | 4.3 | 3.48% | 2012-12-19 | 2026-04-29 |
| CVE-2012-5992 | Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) insert XSS sequences via the headline parameter to screens/base/web_auth_custom.html, aka Bug ID CSCud50283. | [email protected] | 6.8 | 0.59% | 2012-12-19 | 2026-04-29 |
| CVE-2012-5991 | screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209. | [email protected] | 6.3 | 14.06% | 2012-12-19 | 2026-04-29 |
| CVE-2012-0371 | Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709. | [email protected] | 9.3 | 0.48% | 2012-03-01 | 2026-04-29 |
| CVE-2012-0370 | Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435. | [email protected] | 7.8 | 0.39% | 2012-03-01 | 2026-04-29 |
| CVE-2012-0369 | Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949. | [email protected] | 7.8 | 0.43% | 2012-03-01 | 2026-04-29 |
| CVE-2012-0368 | The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997. | [email protected] | 7.8 | 0.43% | 2012-03-01 | 2026-04-29 |
| CVE-2007-2038 | The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug ID CSCsg36361. | [email protected] | 6.1 | 0.57% | 2007-04-16 | 2026-04-23 |