762 matches found
CVE-2025-24912
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...
CVE-2025-24912
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...
CVE-2025-24912
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...
JVN#19358384: hostapd vulnerable to improper processing of RADIUS packets
hostapd provided by Jouni Malinen fails to process crafted RADIUS packets properly CWE-826. Impact When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS...
hostapd 安全漏洞
hostapd is a user space daemon for access points and authentication servers from the individual developer Jouni Malinen. A security vulnerability exists in hostapd version 2.11 and earlier, which stems from the improper handling of specially crafted RADIUS packets, which could lead to RADIUS...
Linux Distros Unpatched Vulnerability : CVE-2022-37660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : wpa_supplicant and hostapd vulnerabilities (USN-7317-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7317-1 advisory. George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements ...
USN-7317-1 wpa vulnerabilities
George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...
USN-7317-1: wpa_supplicant and hostapd vulnerabilities
George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...
SUSE CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
CVE-2022-37660
A flaw was found in hostapd. This vulnerability allows an attacker to subvert future PKEX associations via passive observation and reuse of public key exchange elements. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
DEBIAN-CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
CVE-2022-37660
CVE-2022-37660 affects hostapd up to version 2.10, where the PKEX code remains active after a successful PKEX association. An attacker who has bootstrapped public keys with another entity in the past can subvert a future bootstrapping by passively observing public keys and manipulating the encryp...
CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
hostapd 安全漏洞
hostapd is a user space daemon for access points and authentication servers by the individual developer Jouni Malinen. A security vulnerability exists in hostapd version 2.10 and earlier, which stems from the PKEX code remaining active after successful association, making it vulnerable to attack...
CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
CVE-2022-37660
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the...
PT-2025-6404
Name of the Vulnerable Software and Affected Versions: hostapd versions 2.10 and earlier Description: The issue concerns the PKEX code remaining active even after a successful PKEX association. An attacker who has successfully bootstrapped public keys with another entity using PKEX in the past ca...