Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-4786

Malware in sbrugna...

6.4CVSS6.4AI score0.00218EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/01 8:15 p.m.12 views

CVE-2025-24292

A misconfigured query in UniFi Network v9.1.120 and earlier could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile...

6.8CVSS7.1AI score0.00311EPSS
Exploits0References1
NVD
NVD
added 2025/06/29 8:15 p.m.30 views

CVE-2025-24292

A misconfigured query in UniFi Network v9.1.120 and earlier could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile...

6.8CVSS0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/29 7:25 p.m.7 views

CVE-2025-24292

A misconfigured query in UniFi Network v9.1.120 and earlier could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile...

6.8CVSS7AI score0.00311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/19 12:0 a.m.13 views

PT-2025-26241 · Ubiquiti · Unifi Network Application

Name of the Vulnerable Software and Affected Versions: UniFi Network versions 9.1.120 and earlier Description: A misconfigured query in UniFi Network could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication,...

6.8CVSS6.4AI score0.00311EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 5:51 p.m.7 views

CVE-2020-12484

When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...

6.4CVSS6.8AI score0.00218EPSS
Exploits0
NVD
NVD
added 2024/12/17 3:15 a.m.23 views

CVE-2020-12484

When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...

6.4CVSS0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/17 2:36 a.m.12 views

CVE-2020-12484

When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...

6.4CVSS7AI score0.00218EPSS
Exploits0References1
CVE
CVE
added 2024/12/17 2:36 a.m.55 views

CVE-2020-12484

Technical details are not publicly provided in the connected documents. Current records describe a Wi‑Fi impersonation risk but do not list affected products, versions, root cause, indicators, or fixes. Monitor for updates.

6.4CVSS6.9AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 2:36 a.m.21 views

CVE-2020-12484

When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks...

6.4CVSS0.00218EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.2 views

Astra Linux – Vulnerability in wpa

The implementation of PEAP in wpasupplicant through version 2.10 allows for authentication bypass. To successfully carry out this attack, wpasupplicant must be configured to not verify the network’s TLS certificate during Phase 1 authentication. Additionally, the eappepeapdecrypt vulnerability ca...

6.5CVSS7AI score0.01177EPSS
Exploits0References3
OSV
OSV
added 2024/02/22 5:15 p.m.10 views

AZL-35457 CVE-2023-52160 affecting package wpa_supplicant for versions less than 2.10-2

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS6.8AI score0.01177EPSS
Exploits0References1
OSV
OSV
added 2024/02/22 5:15 p.m.5 views

ALPINE-CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS7AI score0.01177EPSS
Exploits0References1
OSV
OSV
added 2024/02/22 5:15 p.m.3 views

DEBIAN-CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS7.2AI score0.01177EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/02/17 3:22 a.m.7 views

SUSE CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS9.3AI score0.01177EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/09/29 12:0 a.m.10 views

PT-2023-13452 · Cambium · Cambium Enterprise Wi-Fi System

Name of the Vulnerable Software and Affected Versions: Cambium Enterprise Wi-Fi System Software versions prior to 6.4.2 Description: The issue is related to the lack of sanitization of the ping host argument in the device-agent of the Cambium Enterprise Wi-Fi System Software. This can potentially...

8.8CVSS7.1AI score0.00663EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/07/08 12:0 a.m.10 views

PT-2023-8665 · Google +6 · Android +7

Name of the Vulnerable Software and Affected Versions: wpa supplicant versions through 2.10 Description: The issue is related to the implementation of PEAP in wpa supplicant, which allows authentication bypass. For a successful attack, wpa supplicant must be configured to not verify the network's...

8.3CVSS9.6AI score0.01177EPSS
Exploits0References106
RedHat Linux
RedHat Linux
added 2010/02/16 3:50 p.m.6 views

NetworkManager: WPA enterprise network not verified when certificate is removed

NetworkManager NM 0.7.2 does not ensure that the configured Certification Authority CA certificate file for a 1 WPA Enterprise or 2 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service connectivit...

6.8CVSS5.9AI score0.01897EPSS
Exploits0References4
Rows per page
Query Builder