96 matches found
CVE-2021-37584
CVE-2021-37584 affects MediaTek chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 used in NETGEAR devices (and others) and is caused by mishandling the WPS protocol, leading to an out-of-bounds write. The affected software version is 7.4.0.0. Severity is hig...
CVE-2021-37563
CVE-2021-37563 affects MediaTek-based chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 used in NETGEAR devices (and others). The vulnerability stems from mishandling of the WPS protocol, resulting in an out-of-bounds write. Affected software version: 7.4.0....
CVE-2021-32467
CVE-2021-32467 affects MediaTek chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 used in NETGEAR devices. Root cause: mishandling of the WPS protocol leading to an out-of-bounds read. Affected software version: 7.4.0.0. Impact per CVSS-3.1: availability imp...
CVE-2021-32468
MediaTek WPS handling in NETGEAR devices enables an out-of-bounds read due to buggy chip firmware. Affected chipsets: MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Version: 7.4.0.0. The CVE is documented with out-of-bounds read as the core flaw...
CVE-2021-32469
CVE-2021-32469 concerns MediaTek Wi‑Fi WPS handling in NETGEAR devices and other products. Affected chipsets include MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, and MT7915, with reported out‑of‑bounds read in the WPS process. The vulnerability is tied to the way WPS i...
MediaTek 芯片缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company called Mediatek. The MediaTek chips contain a security vulnerability that stems from the chips incorrectly handling the WPS Wi-Fi Protected Setup protocol when running on NETGEAR 21-11-11 device models and other devices...
hostapd: UPnP SUBSCRIBE misbehavior in WPS AP
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...
CVE-2020-15023
Askey AP5100W devices through AP5100WDualSIG1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exchange. By capturing an attempted and even failed WPS authentication attempt, it is possible to brute...
KITT-Lite
This is a Python-based pentesting CLI tool. The tool is designed to extract WPS Wi-Fi Protected Setup pins from vulnerable routers. It uses various tools such as Piexiewps, Reaver, Bully, Aircrack Suite, and Wash in an automated way to achieve its goal. The tool is likely used for penetration...
KITT-Lite
This is an offensive tool for wireless network exploitation. It is a collection of scripts and tools for various wireless-related tasks, including wireless network scanning, device identification, and password cracking. The toolset includes scripts for tasks such as: Wireless network scanning usi...
Microsoft Wireless Display Adapter 2 Command Injection / Broken Access Control
secuvera-SA-2018-03: Command Injection, Broken Access Control and Evil-Twin-Attack in Microsoft Wireless Display Adapter V2 - CVE-2018-8306 Affected Products: Microsoft Wireless Display Adapter V2: - Microsoft Wireless Display Adapter V2 Softwareversion 2.0.8350 to 2.0.8372 have been tested and a...
CVE-2016-10180
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srandtime0 seeding...
D-Link DWR-932B LET Router WPS PIN Generator Vulnerability
The D-Link DWR-932B LET is a wireless router. A vulnerability exists in the WPS PIN generator of the D-Link DWR-932B LET router. Since a user can temporarily generate a new WPS PIN via the router's web management interface, an attacker can exploit the vulnerability to use the PIN to access a...
CVE-2016-4824
The CVE-2016-4824 issue affects Corega CG-WLR300GNV and CG-WLR300GNV-W wireless routers. The WPS PIN authentication implementation does not limit the number of attempts, enabling authenticated brute-force attempts from within wireless range to recover the PIN and gain network access. Affected com...
CVE-2016-4824
The Wi-Fi Protected Setup WPS implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack...
CG-WLR300GNV Series does not limit authentication attempts
Overview CG-WLR300GNV and CG-WLR300GNV-W provided by Corega Inc are wireless LAN routers. The WPS functionality in CG-WLR300GNV Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Takeshi Okamoto of Kanagawa Institute of Technology and Takaaki Minegish...
Android Broadcom Wi-Fi Driver Memory Corruption
/ Copyright C 2016 by AbdSec Core Team This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This program is...
Google Android Broadcom Wi-Fi Driver - Memory Corruption
/ Copyright C 2016 by AbdSec Core Team This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This program is...
UBUNTU-CVE-2016-4476
hostapd 0.6.7 through 2.5 and wpasupplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service daemon outage via a crafted WPS operation...
The vulnerabilities of the Wi-Fi Protected Access WPA Supplicant client, the Jouni Malinen Hostapd software access point, and the openSUSE operating system allow a hacker to trigger a service failure.
Multiple vulnerabilities exist in the Wi-Fi Protected Access WPA Supplicant software, the Jouni Malinen Hostapd access point software, and the openSUSE operating system. These vulnerabilities are related to integer handling errors. Exploitation of these vulnerabilities could allow a malicious act...