EUVD-2021-12558

Malware in sbrugna...

Siemens SCALANCE Missing Authentication for Critical Function (CVE-2020-24588)

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...

Siemens SCALANCE W780 and W740 Allocation of Resources Without Limits or Throttling (CVE-2021-25666)

A vulnerability has been identified in SCALANCE W780 and W740 IEEE 802.11n family All versions V6.3. Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time. This...

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...

Shenzhen Skyworth RN510 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

Overview ======== Title:- Authenticated XSRF in RN510 Mesh Extender. CVE-ID :- CVE-2021-25327 Author: Kaustubh G. Padwad Vendor: Shenzhen Skyworth Digital Technology Company Ltd.http://www.skyworthdigital.com/products Products: 1. RN510 with firmware V.3.1.0.4 Tested and verified Potential 2.RN62...

Design/Logic Flaw

A vulnerability has been identified in SCALANCE W780 and W740 IEEE 802.11n family All versions V6.3. Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time...

CVE-2021-25666

CVE-2021-25666 affects Siemens SCALANCE W780 and W740 (IEEE 802.11n) family: all versions before v6.3. The issue arises from sending specially crafted ARP packets that can cause a partial denial-of-service, making the device unavailable for a short period. Mitigation is to update to v6.3 or later...

Denial Of Service (DoS)

The kernel package is vulnerable to Denial Of Service DoS. A race condition was found in the mac80211 implementation, a framework used for writing drivers for wireless devices. An attacker could trigger this flaw by sending a Delete Block ACK DELBA packet to a target system, resulting in a remote...

Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security

Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...

Siemens SCALANCE WLC711 6GK571-10XC00-1AB0 IWLAN Controller Detection

Binary data 765311.prm...

ICSA-19-253-03_Siemens Industrial Products (Update P)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION...

Apple Releases Security Updates for AirPort 802.11n Wi-Fi Base Stations

Apple has released security updates to address vulnerabilities in AirPort Express, AirPort Extreme, and AirPort Time Capsule wireless routers with 802.11n. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure...

Secutech DSL WR RIS 330 - Filter Bypass Vulnerability

Document Title: =============== Secutech DSL WR RIS 330 - Filter Bypass Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1988 Release Date: ============= 2018-07-08 Vulnerability Laboratory ID VL-ID: ==================================== 198...

About the security content of AirPort Base Station Firmware Update 7.6.9 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

HS-110 Smart Plug Account Takeover / Insecure Design

Content Table 1. Introduction 2. The Firmware 3. The Android Application 4. The Problems 5. Conclusion 6. Appendix 6.1. Excursion Dalvik 6.2 Control script 1. Introduction The HS-110 is a Smart Plug meaning it is capable of being controlled with commands via a network. TP-Link released a mobile...

Raspberry Pi 3 — New $35 MicroComputer with Built-in Wi-Fi and Bluetooth

While celebrating its computer's fourth birthday, the Raspberry Pi Foundation has launched a brand new Raspberry Pi today. Great news for all Micro-computing fans – A new, powerful Raspberry Pi 3 Model B in town. Months after introducing just $5 Raspberry Pi Zero, Raspberry Pi Foundation has...

Mouse-Box — An Entire Computer inside a Mouse

Smartphones in our pockets are exponentially smaller and more powerful that they don't realize the need to carry laptops with us everywhere. Now imagine if a small mouse meets the need of the entire PC? Not just imagination, it has been proved and done by the engineers at a Polish startup...

TP-Link TL-WR740N Wireless Router MitM httpd Denial Of Service

Exploit for hardware platform in category dos / poc TP-Link TL-WR740N Wireless Router MitM httpd Denial Of Service Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.17.0 Build 140520 Rel.75075n Released: 5/20/2014 - Firmware...

Linksys WAP610N Unauthenticated Root Access Security Vulnerability

No description provided by source. Secure Network - Security Research Advisory Vuln name: Linksys WAP610N Unauthenticated Access With Root Privileges Systems affected: WAP610N Firmware Version: 1.0.01 Systems not affected: -- Severity: High Local/Remote: Remote Vendor URL:...

APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 AirPort Base Station Firmware Update 7.6.4 is now available and addresses the following: Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with...