By 
On Wednesday, Cisco apprised customers that some of its Aironet access points (APs) are impacted by a serious flaw that can be misused by a remote attacker to attain unlawful access to devices.
Tracked as CVE-2019-15260, the vulnerability is caused by inadequate access control for some URLs, which lets an attacker gain access with raised privileges to the device by inviting the insecure URLs.
“While the attacker would not be granted access to all possible configuration options, it could allow the attacker to view sensitive information and replace some options with values of their choosing, including wireless network configuration. It would also allow the attacker to disable the AP, creating a denial of service (DoS) condition for clients associated with the AP,” Cisco explained in an advisory.
The flaw affects Aironet 1540, 1560, 1800, 2800, 3800 and 4800 series APs. Patches are comprised in versions 8.5.151.0, 8.8.125.0 and 8.9.111.0.
The company says the flaw was revealed during a support case and there is no indication of misuse for malevolent purposes.
Cisco discovered on Wednesday that Aironet APs are also affected by two critical flaws that can be misused without verification for denial-of-service (DoS) attacks. One of the vulnerabilities affects the Point-to-Point Tunneling Protocol (PPTP) VPN packet dispensation functionality, while the other occurs in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol.
Barring the SPA100 flaw, which can be misused only with verification, the other vulnerability can be misused remotely without authentication. The SPA100 security hole has yet to be repaired, but Cisco is working on a fix.
