Lucene search
K

96 matches found

CVE
CVE
added 2021/12/25 11:25 p.m.65 views

CVE-2021-37584

CVE-2021-37584 affects MediaTek chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 used in NETGEAR devices (and others) and is caused by mishandling the WPS protocol, leading to an out-of-bounds write. The affected software version is 7.4.0.0. Severity is hig...

9.3CVSS8.7AI score0.01197EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/25 11:25 p.m.62 views

CVE-2021-37563

CVE-2021-37563 affects MediaTek-based chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 used in NETGEAR devices (and others). The vulnerability stems from mishandling of the WPS protocol, resulting in an out-of-bounds write. Affected software version: 7.4.0....

9.3CVSS8.7AI score0.01197EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/25 11:25 p.m.56 views

CVE-2021-32467

CVE-2021-32467 affects MediaTek chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 used in NETGEAR devices. Root cause: mishandling of the WPS protocol leading to an out-of-bounds read. Affected software version: 7.4.0.0. Impact per CVSS-3.1: availability imp...

8.2CVSS7.6AI score0.00981EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/25 11:25 p.m.63 views

CVE-2021-32468

MediaTek WPS handling in NETGEAR devices enables an out-of-bounds read due to buggy chip firmware. Affected chipsets: MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Version: 7.4.0.0. The CVE is documented with out-of-bounds read as the core flaw...

8.2CVSS7.6AI score0.01175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/25 11:24 p.m.62 views

CVE-2021-32469

CVE-2021-32469 concerns MediaTek Wi‑Fi WPS handling in NETGEAR devices and other products. Affected chipsets include MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, and MT7915, with reported out‑of‑bounds read in the WPS process. The vulnerability is tied to the way WPS i...

8.2CVSS7.6AI score0.00981EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/12/25 12:0 a.m.7 views

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called Mediatek. The MediaTek chips contain a security vulnerability that stems from the chips incorrectly handling the WPS Wi-Fi Protected Setup protocol when running on NETGEAR 21-11-11 device models and other devices...

9.3CVSS7.9AI score0.01197EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/05/18 2:13 p.m.5 views

hostapd: UPnP SUBSCRIBE misbehavior in WPS AP

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

7.8CVSS7.3AI score0.15193EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2020/12/11 4:15 p.m.5 views

CVE-2020-15023

Askey AP5100W devices through AP5100WDualSIG1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exchange. By capturing an attempted and even failed WPS authentication attempt, it is possible to brute...

5.9CVSS6AI score0.0161EPSS
Exploits1References4
Gitee
Gitee
added 2020/08/23 9:53 p.m.7 views

KITT-Lite

This is a Python-based pentesting CLI tool. The tool is designed to extract WPS Wi-Fi Protected Setup pins from vulnerable routers. It uses various tools such as Piexiewps, Reaver, Bully, Aircrack Suite, and Wash in an automated way to achieve its goal. The tool is likely used for penetration...

6.7AI score
Exploits0
Gitee
Gitee
added 2020/08/05 9:53 a.m.3 views

KITT-Lite

This is an offensive tool for wireless network exploitation. It is a collection of scripts and tools for various wireless-related tasks, including wireless network scanning, device identification, and password cracking. The toolset includes scripts for tasks such as: Wireless network scanning usi...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2018/07/30 12:0 a.m.71 views

Microsoft Wireless Display Adapter 2 Command Injection / Broken Access Control

secuvera-SA-2018-03: Command Injection, Broken Access Control and Evil-Twin-Attack in Microsoft Wireless Display Adapter V2 - CVE-2018-8306 Affected Products: Microsoft Wireless Display Adapter V2: - Microsoft Wireless Display Adapter V2 Softwareversion 2.0.8350 to 2.0.8372 have been tested and a...

0.02884EPSS
Exploits2
OSV
OSV
added 2017/01/30 4:59 a.m.5 views

CVE-2016-10180

An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srandtime0 seeding...

7.5CVSS5.8AI score0.04414EPSS
Exploits1References2
CNVD
CNVD
added 2016/10/18 12:0 a.m.3 views

D-Link DWR-932B LET Router WPS PIN Generator Vulnerability

The D-Link DWR-932B LET is a wireless router. A vulnerability exists in the WPS PIN generator of the D-Link DWR-932B LET router. Since a user can temporarily generate a new WPS PIN via the router's web management interface, an attacker can exploit the vulnerability to use the PIN to access a...

6.9AI score
Exploits0References1
CVE
CVE
added 2016/06/25 9:0 p.m.46 views

CVE-2016-4824

The CVE-2016-4824 issue affects Corega CG-WLR300GNV and CG-WLR300GNV-W wireless routers. The WPS PIN authentication implementation does not limit the number of attempts, enabling authenticated brute-force attempts from within wireless range to recover the PIN and gain network access. Affected com...

5.3CVSS5.4AI score0.01385EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/06/25 9:0 p.m.21 views

CVE-2016-4824

The Wi-Fi Protected Setup WPS implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack...

5.4AI score0.01385EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/22 5:57 a.m.2 views

CG-WLR300GNV Series does not limit authentication attempts

Overview CG-WLR300GNV and CG-WLR300GNV-W provided by Corega Inc are wireless LAN routers. The WPS functionality in CG-WLR300GNV Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Takeshi Okamoto of Kanagawa Institute of Technology and Takaaki Minegish...

5.3CVSS7.1AI score0.01385EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2016/05/11 12:0 a.m.66 views

Android Broadcom Wi-Fi Driver Memory Corruption

/ Copyright C 2016 by AbdSec Core Team This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This program is...

8.3CVSS0.5AI score0.33367EPSS
Exploits4
Exploit DB
Exploit DB
added 2016/05/11 12:0 a.m.85 views

Google Android Broadcom Wi-Fi Driver - Memory Corruption

/ Copyright C 2016 by AbdSec Core Team This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This program is...

9.8CVSS7.5AI score0.33367EPSS
Exploits4
OSV
OSV
added 2016/05/09 12:0 a.m.5 views

UBUNTU-CVE-2016-4476

hostapd 0.6.7 through 2.5 and wpasupplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service daemon outage via a crafted WPS operation...

7.5CVSS6.9AI score0.02858EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2015/12/15 12:0 a.m.6 views

The vulnerabilities of the Wi-Fi Protected Access WPA Supplicant client, the Jouni Malinen Hostapd software access point, and the openSUSE operating system allow a hacker to trigger a service failure.

Multiple vulnerabilities exist in the Wi-Fi Protected Access WPA Supplicant software, the Jouni Malinen Hostapd access point software, and the openSUSE operating system. These vulnerabilities are related to integer handling errors. Exploitation of these vulnerabilities could allow a malicious act...

5CVSS6.5AI score0.03409EPSS
Exploits0References7Affected Software3
Rows per page
Query Builder