Default Credential Exposure in Cisco Wireless Control System
CVE-2007-5382

Currently unrated

Key Information:

Vendor: Cisco
Status: Wireless Lan Solution Engine; Wireless Control System
Vendor: CVE Published:; 12 October 2007

Summary

The conversion utility for CiscoWorks Wireless LAN Solution Engine to Cisco Wireless Control System creates administrator accounts with default usernames and passwords. This flaw facilitates unauthorized remote access, allowing attackers to gain elevated privileges and potentially exploit the network.

References

http://www.vupen.com/english/advisories/2007/3456

vdb-entryx_refsource_VUPEN

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id?1018797

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 12, 2007
Vulnerability Reserved
Oct 11, 2007