Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it returns a warning message: “WARNING: CPU: 0 PID: 63 at cfg80211chandefdfsusable+0x20/0xaf cfg80211” This issue is caused by...

CVE-2025-15568

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

CVE-2025-13955

CVE-2025-13955 describes a vulnerability in EZCast Pro II dongle (software version 1.17478.146) where the Wi‑Fi access point password is predictable. Attackers within Wi‑Fi range can deduce the default password from observable device identifiers, granting access to the dongle. The vulnerability i...

PT-2025-49450

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s brcmfmac driver contains a flaw related to handling Action frames in standalone Access Point AP mode. Specifically, when hostapd manages the WLAN interface, the driver...

CVE-2025-12986 Denial of Service Vulnerability in Silicon Labs WF200 and WGM160P Devices

When a WF200/WGM160P device is configured to operate as an Access Point, it may be vulnerable to a denial of service triggered by a malformed packet. The device may recover automatically or require a hard reset...

CVE-2025-12986

CVE-2025-12986 affects Silicon Labs WF200/WGM160P devices configured as an Access Point. A malformed-packet trigger can cause a denial of service, with possible automatic recovery or a hard reset required. The provided documents do not specify a concrete fix or affected firmware versions. Multipl...

PT-2025-49159

Name of the Vulnerable Software and Affected Versions WF200/WGM160P affected versions not specified Description A device operating as an Access Point may experience a denial of service when processing a malformed packet. The device may automatically recover or require a hard reset. Recommendation...

SUSE CVE-2022-49539

In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER system error recover L2 reset process and ieee80211restarthw which is called by L2 reset process eventuall...

DEBIAN-CVE-2022-49539

In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER system error recover L2 reset process and ieee80211restarthw which is called by L2 reset process eventuall...

CVE-2024-35519

Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operatingmode.cgi via the apmode parameter...

NETGEAR EX6120、EX6100和EX3700 安全漏洞

NETGEAR EX3700 and others are products of NETGEAR Corporation USA.NETGEAR EX3700 is a wireless network signal extender.NETGEAR EX6100 is a WiFi range extender.NETGEAR EX6120 is a wireless extender. A security vulnerability exists in the Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and...

kernel: wifi: nl80211: fix NULL-ptr deref in offchan check

A flaw was found in the cfg80211 module in the Linux kernel. In Access Point AP mode, if a wireless link is created by userspace but not yet activated, it may contain an invalid channel definition with no channel. This issue may cause a NULL pointer dereference that results in a denial of service...

kernel: wifi: nl80211: fix NULL-ptr deref in offchan check

A flaw was found in the cfg80211 module in the Linux kernel. In Access Point AP mode, if a wireless link is created by userspace but not yet activated, it may contain an invalid channel definition with no channel. This issue may cause a NULL pointer dereference that results in a denial of service...

CVE-2022-38546

A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00ABZY.3C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode...

Zyxel NBG7510 安全漏洞

The Zyxel NBG7510 is a wireless router from China Hopkins Zyxel. A security vulnerability exists in versions prior to Zyxel NBG7510 V1.00ABZY.3C0, which stems from a DNS misconfiguration that allows an unauthenticated attacker to access DNS servers when the device is switched to AP mode...

MGASA-2020-0244 Updated wpa_supplicant packages fix security vulnerability

Updated wpasupplicant and hostpad packages fix security vulnerability: A vulnerability was discovered in wpasupplicant. When Access Point AP mode and Protected Management Frames PMF IEEE 802.11w are enabled, wpasupplicant does not perform enough validation on the source address of some received...

CVE-2018-19987

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B0101i3seBETA, and DIR-890L Rev.A 1.21B02BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint...

hostapd: integer underflow in AP mode WMM Action frame processing

An integer underflow flaw, leading to a buffer over-read, was found in the way wpasupplicant handled WMM Action frames. A specially crafted frame could possibly allow an attacker within Wi-Fi radio range to cause wpasupplicant to crash...

Yamaha MusicCAST MCX-1000 wireless network interface operates in Access Point mode by default

Overview The Yamaha MusicCAST MCX-1000 server wireless networking interface is enabled by default, cannot be disabled, and operates in Access Point mode. A remote attacker could access the MusicCAST wireless network and potentially any other network connected to the MusicCAST. Description The...