CVE-2016-1363: Buffer Overflow
First published: Thu Apr 21 2016(Updated: )
Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCus25617.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Wireless LAN Controller software | >=7.2.0<7.4.140.0 | |
| Cisco Wireless LAN Controller software | >=7.5.0<8.0.115.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-1363?
CVE-2016-1363 is rated as critical due to its potential for remote code execution.
How do I fix CVE-2016-1363?
To fix CVE-2016-1363, upgrade your Cisco Wireless LAN Controller software to version 7.4.140.0 or 8.0.115.0 or later.
Which versions of Cisco Wireless LAN Controller are affected by CVE-2016-1363?
CVE-2016-1363 affects Cisco Wireless LAN Controller Software versions 7.2 through 7.4 before 7.4.140.0 and 7.5 through 8.0 before 8.0.115.0.
Can CVE-2016-1363 be exploited remotely?
Yes, CVE-2016-1363 can be exploited remotely through a crafted HTTP request.
What type of vulnerability is CVE-2016-1363?
CVE-2016-1363 is a buffer overflow vulnerability affecting Cisco Wireless LAN Controller software.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco wireless lan controller software
- version/cisco wireless lan controller software/7.2.0
- version/cisco wireless lan controller software/7.5.0