A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote malicious user to view sensitive information. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. A successful exploit could allow the malicious user to view system files on the targeted device, which may contain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco wireless lan controller software 8.2\\(151.0\\) |