18 matches found
EUVD-2020-4786
Malware in sbrugna...
CVE-2025-24292
A misconfigured query in UniFi Network v9.1.120 and earlier could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile...
CVE-2025-24292
A misconfigured query in UniFi Network v9.1.120 and earlier could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile...
CVE-2025-24292
A misconfigured query in UniFi Network v9.1.120 and earlier could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile...
PT-2025-26241 · Ubiquiti · Unifi Network Application
Name of the Vulnerable Software and Affected Versions: UniFi Network versions 9.1.120 and earlier Description: A misconfigured query in UniFi Network could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication,...
CVE-2020-12484
When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...
CVE-2020-12484
When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...
CVE-2020-12484
When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...
CVE-2020-12484
Technical details are not publicly provided in the connected documents. Current records describe a Wi‑Fi impersonation risk but do not list affected products, versions, root cause, indicators, or fixes. Monitor for updates.
CVE-2020-12484
When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...
Astra Linux – Vulnerability in wpa
The implementation of PEAP in wpasupplicant through version 2.10 allows for authentication bypass. To successfully carry out this attack, wpasupplicant must be configured to not verify the network’s TLS certificate during Phase 1 authentication. Additionally, the eappepeapdecrypt vulnerability ca...
AZL-35457 CVE-2023-52160 affecting package wpa_supplicant for versions less than 2.10-2
The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...
ALPINE-CVE-2023-52160
The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...
DEBIAN-CVE-2023-52160
The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...
SUSE CVE-2023-52160
The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...
PT-2023-13452 · Cambium · Cambium Enterprise Wi-Fi System
Name of the Vulnerable Software and Affected Versions: Cambium Enterprise Wi-Fi System Software versions prior to 6.4.2 Description: The issue is related to the lack of sanitization of the ping host argument in the device-agent of the Cambium Enterprise Wi-Fi System Software. This can potentially...
PT-2023-8665 · Google +6 · Android +7
Name of the Vulnerable Software and Affected Versions: wpa supplicant versions through 2.10 Description: The issue is related to the implementation of PEAP in wpa supplicant, which allows authentication bypass. For a successful attack, wpa supplicant must be configured to not verify the network's...
NetworkManager: WPA enterprise network not verified when certificate is removed
NetworkManager NM 0.7.2 does not ensure that the configured Certification Authority CA certificate file for a 1 WPA Enterprise or 2 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service connectivit...