Security Flaw in Cisco Wireless Control System Exposing Sensitive Data
CVE-2007-2032

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Control System
Vendor: CVE Published:; 16 April 2007

Summary

The Cisco Wireless Control System (WCS) prior to version 4.0.96.0 contains a vulnerability related to hard-coded FTP usernames and passwords. This flaw allows attackers with network access to exploit the FTP server configuration, granting them the ability to read and modify arbitrary files. The issue is associated with certain properties of the FTP server that have not been adequately secured. An attacker could leverage this vulnerability to perform unauthorized file operations, compromising system integrity and exposing sensitive data.

References

http://www.cisco.com/warp/public/707/cisco-sa-20070412-wc...

vendor-advisoryx_refsource_CISCO

http://www.vupen.com/english/advisories/2007/1367

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1017907

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 16, 2007
Vulnerability Reserved
Apr 16, 2007