CVE-2023-40039

An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame...

CVE-2024-23726

Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...

SUSE-SU-2023:4986-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange bsc1217277...

SUSE-SU-2023:4983-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange bsc1217277...

CVE-2019-9555

CVE-2019-9555 affects Sagemcom F@st 5260 routers (firmware 0.4.39 and possibly others) where WPA PSKs are derived from a two-part wordlist plus a nonce with insufficient entropy. This yields roughly 1.78 billion possible PSKs, making the WPA key space far smaller than expected and enabling potent...

CVE-2018-5389

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline...

Buffer overflow

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...