Remote File Manipulation Vulnerability in Cisco Wireless Control System
CVE-2006-3288

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Control System
Vendor: CVE Published:; 28 June 2006

Summary

A vulnerability exists in the TFTP server component of Cisco Wireless Control System (WCS) prior to version 3.2(51) for both Linux and Windows operating systems. This issue arises when users configure a directory path containing a space character, enabling authenticated attackers to access and overwrite arbitrary files through unspecified attack vectors. This exploitation underscores the necessity for proper configuration and stringent access controls to safeguard against unauthorized file manipulation.

References

http://www.vupen.com/english/advisories/2006/2583

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/20870

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/warp/public/707/cisco-sa-20060628-wc...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jun 28, 2006
Vulnerability Reserved
Jun 28, 2006