CVE-2012-6007

CVE Database · CVE-2012-6007

CVE-2012-6007

· N/AModified

CVSS v3.1

N/A

EPSS

3.66%

Published

Dec 19, 2012

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBCisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.

Weaknesses (CWE)

CWE-79

Affected Products (9)

cisco · wireless_lan_controller_softwarevulnerable

cisco · 2000_wireless_lan_controllervulnerable

cisco · 2100_wireless_lan_controllervulnerable

cisco · 2500_wireless_lan_controllervulnerable

cisco · 4100_wireless_lan_controllervulnerable

cisco · 4400_wireless_lan_controllervulnerable

cisco · 5500_wireless_lan_controllervulnerable

cisco · 7500_wireless_lan_controllervulnerable

cisco · 8500_wireless_lan_controllervulnerable

References (2)

http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html

Exploit

http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html

Exploit

KEV Catalog EPSS Scores Vendors All CVEs