Lucene search
K

155 matches found

CVE
CVE
added 2019/04/18 1:20 a.m.68 views

CVE-2019-1834

CVE-2019-1834 affects Cisco Aironet Series Access Points. The issue stems from the internal packet processing where certain crafted wireless client packets are forwarded outside the CAPWAP tunnel, enabling an unauthenticated, adjacent attacker to trigger a security violation on the connected swit...

7.4CVSS6.7AI score0.00631EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/01/11 12:0 a.m.4 views

NEC Aterm W300P Operating System Command Injection Vulnerability

The NEC Aterm W300P is a wireless router from Nippon Electric NEC. An operating system command injection vulnerability exists in the NEC Aterm W300P using firmware version 1.0.13 and earlier. The vulnerability can be exploited to execute arbitrary operating system commands with the 'targetAPSsid'...

9CVSS8.3AI score0.01399EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/10/17 10:0 p.m.13 views

CVE-2018-0381 Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability

A vulnerability in the Cisco Aironet Series Access Points APs software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to a deadlock condition that may occur when an affect...

5.8CVSS6.5AI score0.00524EPSS
Exploits0References3
CVE
CVE
added 2018/10/17 10:0 p.m.51 views

CVE-2018-0441

Cisco IOS Access Points Software vulnerable to CVE-2018-0441 due to a timer mechanism corruption in the 802.11r Fast Transition feature. An unauthenticated, adjacent attacker can trigger a DoS by sending malicious reassociation events in quick succession, leading to timer crashes. Root cause: tim...

7.4CVSS7.5AI score0.00856EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/05/02 10:29 p.m.16 views

CVE-2018-0250

A vulnerability in Central Web Authentication CWA with FlexConnect Access Points APs for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list ACL. The vulnerability is du...

4.1CVSS4.5AI score0.0048EPSS
Exploits0References2
Metasploit
Metasploit
added 2018/04/30 1:32 p.m.48 views

Displays wireless SSIDs and PSKs

This module displays all wireless AP creds saved on the target device. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Displays wireless SSIDs and PSKs', 'Description' = %q This module displays...

7.3AI score
Exploits0
NVD
NVD
added 2018/02/14 7:29 p.m.15 views

CVE-2017-6230

Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems...

9CVSS8.9AI score0.02268EPSS
Exploits0References1
Prion
Prion
added 2018/02/14 7:29 p.m.13 views

Command injection

Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems...

9CVSS8.8AI score0.02268EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2018/02/14 7:0 p.m.62 views

CVE-2017-6230

The CVE-2017-6230 entry concerns Ruckus Networks Solo APs (firmware R110.x or earlier) and SZ managed APs (firmware R5.x or earlier). It describes an authenticated Root Command Injection vulnerability in the web-GUI, enabling an authenticated user to execute privileged commands on affected system...

9CVSS8.8AI score0.02268EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/14 7:0 p.m.16 views

CVE-2017-6230

Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems...

8.9AI score0.02268EPSS
Exploits0References1
Kitploit
Kitploit
added 2017/09/17 9:30 p.m.29 views

Reaver - Attack against Wi-Fi Protected Setup (WPS)

Reaver has been designed to be a robust and practical attack against Wi-Fi Protected Setup WPS registrar PINs in order to recover WPA/WPA2 passphrases. It has been tested against a wide variety of access points and WPS implementations. The original Reaver implements a online brute force attack...

7.3AI score
Exploits0References2
Vulnerability Lab
Vulnerability Lab
added 2017/02/22 12:0 a.m.61 views

Joomla com_redshop 1.4&1.5 - SQL Injection Vulnerability

Document Title: =============== Joomla comredshop 1.4&1.5 - SQL Injection Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2038 Release Date: ============= 2017-02-22 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
CVE
CVE
added 2017/01/26 7:45 a.m.56 views

CVE-2016-9220

CVE-2016-9220 affects Cisco Mobility Express 2800 and 3800 Access Points. ADoS exists in 802.11 ingress packet processing, allowing an unauthenticated adjacent attacker to fill the connection table with invalid connections and prevent processing new requests. Impact is limited to availability (co...

4.3CVSS4.5AI score0.00446EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/01/26 7:45 a.m.44 views

CVE-2016-9221

The CVE refers to a Denial of Service vulnerability in the 802.11 ingress connection authentication handling on Cisco Mobility Express 2800 Series and 3800 Series APs when configured in local mode at 40 MHz. Affected products can be attacked by an unauthenticated, adjacent actor to cause authenti...

4.3CVSS4.6AI score0.00544EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2013/09/09 3:54 a.m.16 views

[wEAPe] Weape-Wireless-EAP-Extractor Script

Auto extracts EAP 802.1x user names Features Sets up wireless card into monitor mode Lists all APs Associates with AP's you wish Extracts domain user names from any connects using EAP Requirements airodump tool set Tested on Backtrack 5 and Kali. Download wEAPe...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2012/11/04 3:4 a.m.21 views

[Wifi Honey] Creates fake APs using all encryption

This is a script, attack can use to creates fake APs using all encryption and monitors with Airodump. It automate the setup process, it creates five monitor mode interfaces, four are used as APs and the fifth is used for airdump-ng. To make things easier, rather than having five windows all this ...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2010/08/08 12:0 a.m.48 views

XSS vulnerability in Prado Portal

Vulnerability ID: HTB22515 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinpradoportal.html Product: Prado Portal Vendor: Compudesign ApS http://www.pradoportal.dk/ Vulnerable Version: 1.2.0 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: XSS Cross...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/06 12:0 a.m.24 views

Prado Portal 1.2.0 Cross Site Scripting

Vulnerability ID: HTB22515 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinpradoportal.html Product: Prado Portal Vendor: Compudesign ApS http://www.pradoportal.dk/ Vulnerable Version: 1.2.0 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: XSS Cross...

Exploits0
Packet Storm
Packet Storm
added 2010/08/06 12:0 a.m.18 views

SiteLoom CMS 21.07.2010 Cross Site Scripting

Vulnerability ID: HTB22516 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsiteloomcms.html Product: SiteLoom CMS Vendor: SiteLoom ApS http://www.siteloom.dk/ Vulnerable Version: Current at 21.07.2010 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: X...

7AI score
Exploits0
xssed
xssed
added 2009/04/09 12:0 a.m.12 views

Unfixed XSS vulnerability at easytrade.reliancemoney.com

Security researcher APS, has submitted on 04/09/2009 a cross-site-scripting XSS vulnerability affecting easytrade.reliancemoney.com, which at the time of submission ranked 84350 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...

Exploits0References1
Rows per page
Query Builder