Lucene search
K

40 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:56 a.m.6 views

CVE-2020-12106

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

9.8CVSS7.1AI score0.01399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.12 views

CVE-2019-12587

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...

8.1CVSS6.9AI score0.00804EPSS
Exploits2References1
Packet Storm News
Packet Storm News
added 2025/12/11 12:0 a.m.5 views

Stealth and Evasion in Rogue AP Attacks: An Analysis of Modern Detection and Bypass Techniques

Wireless networks act as the backbone of modern digital connectivity, making them a primary target for cyber adversaries. Rogue Access Point attacks, specifically the Evil Twin variant, enable attackers to clone legitimate wireless network identifiers to deceive users into connecting. Once a...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/12/10 9:31 p.m.4 views

EUVD-2025-202623

The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...

6.1AI score0.00365EPSS
Exploits0References3
NVD
NVD
added 2025/12/10 9:16 p.m.9 views

CVE-2025-65826

The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were locate...

9.8CVSS0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-4644

Malware in sbrugna...

8.1CVSS8.2AI score0.01107EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/06 12:0 a.m.5 views

PT-2025-2282 · Wlan Sta · Wlan Sta

Name of the Vulnerable Software and Affected Versions: WLAN STA affected versions not specified Description: In WLAN STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges neede...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.5 views

SUSE CVE-2021-37964

Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file...

3.3CVSS6.3AI score0.00505EPSS
Exploits0References5
OSV
OSV
added 2021/10/08 10:15 p.m.2 views

DEBIAN-CVE-2021-37964

Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file...

3.3CVSS6AI score0.00505EPSS
Exploits0References1
OSV
OSV
added 2021/10/08 10:15 p.m.4 views

UBUNTU-CVE-2021-37964

Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file...

3.3CVSS7.3AI score0.00505EPSS
Exploits0References2
Kitploit
Kitploit
added 2020/10/08 8:30 p.m.51 views

C41N - An Automated Rogue Access Point Setup Tool

c41n is an automated Rogue Access Point setup tool. c41n provides automated setup of several types of Rogue Access Points, and Evil Twin attacks. c41n sets up an access point with user defined characteristics interface, name and channel for the access point, sets up DHCP server for the access...

7.4AI score
Exploits0References1
Prion
Prion
added 2020/08/12 7:15 p.m.15 views

Design/Logic Flaw

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

7.5CVSS9.4AI score0.01399EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2020/05/11 9:30 p.m.60 views

Wifipumpkin3 - Powerful Framework For Rogue Access Point Attack

wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. Main Features Rogue access point attack Man-in-the-middle attack...

7.2AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/04/07 11:0 p.m.48 views

CVE-2019-9499

A flaw was found in wpasupplicant. An attack using invalid scalar/element values is possible against the EAP-pwd peer since hostapd and wpasupplicant did not validate these values in the received EAP-pwd-Commit messages.When processing an EAP-pwd Commit frame, the server's scalar and element...

8.1CVSS2.8AI score0.02386EPSS
Exploits0References4
Gitee
Gitee
added 2020/02/21 6:24 p.m.16 views

wifi-arsenal

This repository is an offensive tool for WiFi attacks. It is a collection of tools and scripts for various WiFi attacks, including denial of service, encryption attacks, WEP/WPA/WPA2 attacks, WPS attacks, and others. The repository includes tools for injection, rogue AP/fake AP/MITM, sniffing,...

7.1AI score
Exploits0
NVD
NVD
added 2019/09/04 12:15 p.m.29 views

CVE-2019-12587

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...

8.1CVSS8.1AI score0.00804EPSS
Exploits2References3
OSV
OSV
added 2019/09/04 12:15 p.m.36 views

CVE-2019-12587

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...

8.1CVSS6.9AI score0.00804EPSS
Exploits2References3
Prion
Prion
added 2019/09/04 12:15 p.m.26 views

Authentication flaw

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...

4.8CVSS7.9AI score0.00804EPSS
Exploits2References3Affected Software2
Cvelist
Cvelist
added 2019/09/04 11:31 a.m.47 views

CVE-2019-12587

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...

8.1AI score0.00804EPSS
Exploits2References3
n0where
n0where
added 2018/08/18 11:1 p.m.476 views

Rogue Access Point Toolkit : hostapd-mana

hostapd-mana is a featureful rogue wifi access point tool. It can be used for a myriad of purposes from tracking and deanonymising devices aka Snoopy, gathering corporate credentials from devices attempting EAP aka WPE or attracting as many devices as possible to connect to perform MitM attacks...

1.6AI score
Exploits0References2
Rows per page
Query Builder