CVE-2020-15023
CVE-2020-15023 affects Askey AP5100W devices up to AP5100W_Dual_SIG_1.01.097. The root cause is poor randomness in the Diffie-Hellman exchange, enabling offline WPS PIN brute-forcing: an attacker can observe WPS attempts and brute-force the authentication exchange, recovering the WPS PIN and ulti...