EUVD-2019-8002

Malware in sbrugna...

CVE-2019-18201

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, an attacker is able to eavesdrop on sensitive data such as passwords...

CVE-2024-53939

An issue was discovered in Victure RX1800 WiFi 6 Router software ENV1.0.0r12110933, hardware 1.0 devices. The /cgi-bin/luci/admin/opsw/Dualfrequnapple endpoint is vulnerable to command injection through the 2.4 GHz and 5 GHz name parameters, allowing an attacker to execute arbitrary commands on t...

CVE-2024-53939

An issue was discovered in Victure RX1800 WiFi 6 Router software ENV1.0.0r12110933, hardware 1.0 devices. The /cgi-bin/luci/admin/opsw/Dualfrequnapple endpoint is vulnerable to command injection through the 2.4 GHz and 5 GHz name parameters, allowing an attacker to execute arbitrary commands on t...

CVE-2022-35860

CVE-2022-35860 affects Corsair K63 Wireless keyboard (version 3.1.3). The root cause is missing AES encryption in the 2.4 GHz wireless channel, enabling physically proximate attackers to inject keystrokes and sniff them over the radio. The vulnerability is documented across multiple sources (NVD/...

CVE-2022-35860

Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions...

TRENDnet TEW-831DR Information Disclosure Vulnerability

TRENDnet TEW-831DR is a router from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-831DR version 1.0 601.130.1.1356, which stems from the fact that the default pre-shared key for Wi-Fi networks is the same for every router, except for the last four digits. An attacker within the...

CVE-2022-30325

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker...

Tenda AC5 AC1200 Wireless Cross Site Scripting

Exploit Title: Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting Exploit Author: Chiragh Arora Hardware Model: Tenda AC5 AC1200 Firmware version: V15.03.06.47multi Tested on: Kali Linux CVE ID: CVE-2021-3186 Date: 25.01.2021 Steps to Reproduce - - Navigate to the Tend...

Sparrow-Wifi - Next-Gen GUI-based WiFi And Bluetooth Analyzer For Linux

Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. In its most comprehensive use case...

Fujitsu Wireless Keyboard Set LX390 Unauthorized Access Vulnerability

The Fujitsu Wireless Keyboard Set LX390 is a wireless keyboard from Fujitsu Japan. A security vulnerability exists in the Fujitsu Wireless Keyboard Set LX390, which is caused due to a failure of the program to properly encrypt 2.4 GHz communications. The vulnerability can be exploited by an...

Code injection

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, an attacker is able to eavesdrop on sensitive data such as passwords...

Design/Logic Flaw

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks...

CVE-2019-18200

CVE-2019-18200 affects Fujitsu Wireless Keyboard Set LX390 GK381. Root cause: 2.4 GHz communications were not properly encrypted, enabling keystroke injection attacks via crafted data packets or injection of keystrokes. The Threatpost report describes PoC attacks that can inject keystrokes at sho...

CVE-2019-18199

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are vulnerable to replay attacks...

CVE-2019-9835

The receiver aka bridge component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legitimate communication uses AES encryption...

Design/Logic Flaw

The receiver aka bridge component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legitimate communication uses AES encryption...

BoopSuite - A Suite of Tools for Wireless Auditing and Security Testing

BoopSuite is an up and coming suite of wireless tools designed to be easy to use and powerful in scope, that support both the 2 and 5 GHz spectrums. Written purely in python. A handshake sniffer CLI and GUI, a monitor mode enabling script and a deauth script are all parts of this suite with more ...

CVE-2016-2398

Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions...

CVE-2016-2398

CVE-2016-2398 affects the Comcast XFINITY Home Security System. The vulnerability arises from improper maintenance of base-station communication, allowing physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions. The linked records confirm the...