CVE-2021-38206

A flaw was found on the Linux kernel. A NULL pointer dereference in the radiotap parser, leading to a denial of service, can occur in the mac80211 subsystem when a device supports only 5 GHz is used and frames with 802.11a rates are injected. The highest threat from this vulnerability is to syste...

CVE-2021-38206

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service NULL pointer dereference in the radiotap parser by injecting a frame with 802.11a rates...

CVE-2021-38206

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service NULL pointer dereference in the radiotap parser by injecting a frame with 802.11a rates...

CVE-2021-38206

The CVE-2021-38206 issue affects the Linux kernel mac80211 subsystem before 5.12.13: when a 5 GHz-only device is used, injecting a frame with 802.11a rates can trigger a NULL pointer dereference in the radiotap parser, causing a Denial of Service. The vulnerability is addressed in Linux kernel 5....

CVE-2021-38206

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service NULL pointer dereference in the radiotap parser by injecting a frame with 802.11a rates...

Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability

Summary An exploitable improper access control vulnerability exists in the iwwebs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the...

Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability

Summary An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. Tested Versions Moxa...

Moxa AWK-3131A iw_console Privilege Escalation Vulnerability

Summary An exploitable privilege escalation vulnerability exists in the iwconsole functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send...

Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build 1184-14 IPn4Gb 1.1.0 Rev 2 build 1090-2 IPn4Gb 1.1.0 R...

Command injection

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 current. An attacker can inject commands via the username parameter of several...

Moxa AWK-3131A Multiple Features Login Username Parameter OS Command Injection Vulnerability

Summary An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 current. An attacker can inject commands via the username parameter of...

Information disclosure

An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker...

CVE-2016-8722

An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker...

CVE-2016-8722

An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker...

Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability

Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability Summary An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without...

Siemens Scalance W-700 系列设备SSL证书欺骗漏洞

Siemens Scalance W-700系列内置SSL证书欺骗漏洞 CNVD-ID CNVD-2013-11278 CVE-ID: CVE-2013-4651 在关于担保的管理 web 界面和命令行管理界面中的身份验证旁路硬编码的 SSL 证书的西门子 Scalance W7xx IEEE 802.11a/b/g 产品系列。Siemens Scalance W-700 Series是西门子开发的工业无线交换机设备。 Siemens Scalance W-700系列设备设备内置的SSL证书，不能通过管理接口来更换该证书，允许攻击者通过中间人攻击获取敏感信息。 如下固件版本...

OS X 10.6.5 kernel crash upon wlan roaming with disabled mandatory MCS

During the buildup at the CCC 27c3 congress in Berlin we noticed several Apple Macbooks kernel paniced while connected to the wireless network. We identified the cause of this issue and we are able to reproduce this as well. It seems to be limited to the aluminum unibody Macbooks, running OS X...