Hackers from afar can mess around with Cisco’s Aironet industrial and business Wi-Fi access points because the devices have flawed URL access controls, Cisco has warned customers.
The critical Aironet flaw has been assigned the identified CVE-2019-15260 and has a CVSS v3 score of 9.8 out of 10.
The bug affects several Aironet product lines, including access points for industrial customers. It can be exploited by a remote attacker without the correct credentials, who could then tamper with device settings with elevated privileges or view sensitive corporate information