CVE-2020-22662

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

CVE-2022-35572

On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...

CVE-2022-35572

On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4876-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4876-1 advisory. Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free...

CVE-2020-11550

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitra...

CVE-2020-11550

The CVE-2020-11550 entry concerns NETGEAR Orbi devices: SRS60 AC3000 (SW 2.5.1.106), Outdoor Satellite RBS50Y (2.5.1.106), and SRR60 AC3000 (2.5.1.106). The issue is an unauthenticated disclosure via the administrative SOAP interface that can leak sensitive Wi‑Fi data, including SSIDs and PSKs. R...

AutoPi.io AutoPi Wi-Fi/NB and AutoPi 4G/LTE Brute Force Attack Vulnerabilities

AutoPi.io AutoPi Wi-Fi/NB and AutoPi 4G/LTE are both encrypted devices from the Danish company AutoPi.io. A security vulnerability exists in AutoPi.io AutoPi Wi-Fi/NB and AutoPi 4G/LTE versions prior to 2019-10-15, which stems from the fact that the default WiFi and WiFi SSIDs are both derived fr...

CVE-2018-0381 Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability

A vulnerability in the Cisco Aironet Series Access Points APs software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to a deadlock condition that may occur when an affect...

D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: D-Link DSP-W Arbitrary Arbitrary file upload Date: 30/06/2015 Exploit Author: DNO Vendor Homepage: link Version: w110 v1.05b01 Tested on: linux CVE : N/A ======================================== the only 'filtering' on this...

D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities

Exploit Title: D-Link DSP-W Arbitrary Arbitrary file upload Date: 30/06/2015 Exploit Author: DNO Vendor Homepage: link Version: w110 v1.05b01 Tested on: linux CVE : N/A ======================================== the only 'filtering' on this resources appears to be a sprintf call which statically...

openSUSE Security Update : wpa_supplicant (openSUSE-2015-341)

The wireless network encryption and authentication daemon wpasupplicant was updated to fix a security issue. The following vulnerability was fixed : - CVE-2015-1863: A buffer overflow in handling SSIDs in P2P management frames allowed attackers in radio range to crash, expose memory content or...

openSUSE: Security Advisory for wpa_supplicant (openSUSE-SU-2015:0813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arris Touchstone cable modem information leakage vulnerabiliity

Overview Arris Touchstone DG950A cable modem enables SNMP public access by default. Description CWE-200- Information Exposure The Arris Touchstone DG950A cable modem running software version 7.10.131 was found to expose sensitive information such as passwords, ssids, and wifi keys via the SNMP...

CVE-2006-1385

Stack-based buffer overflow in the parseTaggedData function in WavePacket.mm in KisMAC R54 through R73p allows remote attackers to execute arbitrary code via multiple SSIDs in a Cisco vendor tag in a 802.11 management frame...

CVE-2006-1385

KISMAC (R54–R73p) is affected by a stack-based buffer overflow in the parseTaggedData function of WavePacket.mm. The vulnerability allows remote attackers to execute arbitrary code by crafting multiple SSIDs in a Cisco vendor tag within an 802.11 management frame. The issue is triggered via malfo...