CVE-2007-2032

critical

Description

Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33614

http://www.vupen.com/english/advisories/2007/1367

http://www.securityfocus.com/bid/23460

http://www.osvdb.org/34132

http://www.cisco.com/warp/public/707/cisco-sa-20070412-wcs.shtml

http://securitytracker.com/id?1017907

http://secunia.com/advisories/24865

Details

Source: Mitre, NVD

Published: 2007-04-16

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.01039