CVE-2016-1363

CVE Database · CVE-2016-1363

CVE-2016-1363

· CRITICALModified

CVSS v3.1

9.8

EPSS

5.58%

Published

Apr 21, 2016

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCus25617.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-399

Affected Products (2)

cisco · wireless_lan_controller_software (up to 7.4.140.0)vulnerable

cisco · wireless_lan_controller_software (up to 8.0.115.0)vulnerable

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd

Vendor Advisory

http://www.securitytracker.com/id/1035633

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd

Vendor Advisory

http://www.securitytracker.com/id/1035633

Third Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs