Lucene search
K

762 matches found

Debian CVE
Debian CVE
added 2025/03/12 4:43 a.m.7 views

CVE-2025-24912

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...

3.7CVSS4.7AI score0.00716EPSS
Exploits0
OSV
OSV
added 2025/03/12 4:43 a.m.1 views

CVE-2025-24912

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...

3.7CVSS5.8AI score0.00716EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2025/03/12 4:43 a.m.3 views

CVE-2025-24912

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...

3.7CVSS6.9AI score0.00716EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/03/12 12:0 a.m.8 views

JVN#19358384: hostapd vulnerable to improper processing of RADIUS packets

hostapd provided by Jouni Malinen fails to process crafted RADIUS packets properly CWE-826. Impact When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS...

3.7CVSS6.8AI score0.00716EPSS
Exploits0
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.5 views

hostapd 安全漏洞

hostapd is a user space daemon for access points and authentication servers from the individual developer Jouni Malinen. A security vulnerability exists in hostapd version 2.11 and earlier, which stems from the improper handling of specially crafted RADIUS packets, which could lead to RADIUS...

3.7CVSS4.6AI score0.00716EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-37660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with...

6.5CVSS6.9AI score0.00353EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.16 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : wpa_supplicant and hostapd vulnerabilities (USN-7317-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7317-1 advisory. George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements ...

9.8CVSS8AI score0.02944EPSS
Exploits0References4
OSV
OSV
added 2025/03/03 7:42 p.m.2 views

USN-7317-1 wpa vulnerabilities

George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...

9.8CVSS7.2AI score0.02944EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2025/03/03 7:42 p.m.84 views

USN-7317-1: wpa_supplicant and hostapd vulnerabilities

George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...

9.8CVSS7.9AI score0.02944EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/02/13 1:42 a.m.4 views

SUSE CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

6.5CVSS7.1AI score0.00353EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/12 9:55 a.m.10 views

CVE-2022-37660

A flaw was found in hostapd. This vulnerability allows an attacker to subvert future PKEX associations via passive observation and reuse of public key exchange elements. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

7.4CVSS6.8AI score0.00353EPSS
Exploits0References5
NVD
NVD
added 2025/02/11 11:15 p.m.15 views

CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

6.5CVSS0.00353EPSS
Exploits0References3
OSV
OSV
added 2025/02/11 11:15 p.m.3 views

DEBIAN-CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

6.5CVSS7.7AI score0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/11 12:0 a.m.21 views

CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

0.00353EPSS
Exploits0References2
CVE
CVE
added 2025/02/11 12:0 a.m.81 views

CVE-2022-37660

CVE-2022-37660 affects hostapd up to version 2.10, where the PKEX code remains active after a successful PKEX association. An attacker who has bootstrapped public keys with another entity in the past can subvert a future bootstrapping by passively observing public keys and manipulating the encryp...

6.5CVSS6.4AI score0.00353EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/11 12:0 a.m.12 views

CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

6.4AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.6 views

hostapd 安全漏洞

hostapd is a user space daemon for access points and authentication servers by the individual developer Jouni Malinen. A security vulnerability exists in hostapd version 2.10 and earlier, which stems from the PKEX code remaining active after successful association, making it vulnerable to attack...

6.5CVSS7.6AI score0.00353EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/11 12:0 a.m.12 views

CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

6.5CVSS7.7AI score0.00353EPSS
Exploits0
OSV
OSV
added 2025/02/11 12:0 a.m.13 views

CVE-2022-37660

In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...

6.5CVSS6.4AI score0.00353EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.3 views

PT-2025-6404

Name of the Vulnerable Software and Affected Versions: hostapd versions 2.10 and earlier Description: The issue concerns the PKEX code remaining active even after a successful PKEX association. An attacker who has successfully bootstrapped public keys with another entity using PKEX in the past ca...

9.8CVSS8.6AI score0.02944EPSS
Exploits0References27
Rows per page
Query Builder