Linux Distros Unpatched Vulnerability : CVE-2024-26683

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation th...

SUSE CVE-2024-26683

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we...

CVE-2024-26683

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we...

UBUNTU-CVE-2024-26683

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we...

CVE-2024-26683 wifi: cfg80211: detect stuck ECSA element in probe resp

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we...

CVE-2024-26683

Summary (CVE-2024-26683): In the Linux kernel’s wireless stack, a change intended to avoid connecting to an AP during a CSA channel switch inadvertently caused connection failures with some APs that permanently advertise an extended channel switch announcement (e.g., Asus RT-AC53 with firmware 3....

CVE-2024-26683

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we...

CVE-2017-11345

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...

ASUS WRT Cross Site Scripting Nmap NSE Script

local http = require "http" local shortport = require "shortport" local stdnse = require "stdnse" local string = require "string" local vulns = require "vulns" local nmap = require "nmap" description = ASUSWRT is a wireless router operating system that powers many routers produced by ASUS...

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution

Remote Code Execution Component: networkmap CVE: CVE-2017-6548 networkmap is responsible for generating a map of computers connected to the router. It continuously monitors the LAN to detect ARP requests submitted by unknown computers. When a new MAC address appears it will probe the related IP...

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing

Session Stealing Component: httpd CVE: CVE-2017-6549 Vulnerability: httpd uses the function searchtokeninlist to validate if a user is logged into the admin interface by checking his asustoken value. There seems to be a branch which could be a failed attempt to build in a logout functionality...

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Cross-Site Scripting

ASUSWRT RT-AC53 3.0.0.4.380.6038 - Cross-Site Scripting Cross-Site Scripting XSS Component: httpd CVE: CVE-2017-6547 Vulnerability: httpd checks in the function handlerequest if the requested file name is longer than 50 chars. It then responds with a redirection which allows an attacker to inject...

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing

ASUSWRT RT-AC53 3.0.0.4.380.6038 - Session Stealing Session Stealing Component: httpd CVE: CVE-2017-6549 Vulnerability: httpd uses the function searchtokeninlist to validate if a user is logged into the admin interface by checking his asustoken value. There seems to be a branch which could be a...