EUVD-2017-2759

Malware in sbrugna...

CVE-2025-3461 ON Semiconductor Quantenna Telnet Missing Authentication

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. This issue affects Quantenna Wi-Fi chipset through versi...

CVE-2025-3461

The CVE-2025-3461 entry concerns Quantenna Wi‑Fi chipsets with an unauthenticated telnet interface enabled by default (CWE-306: Missing Authentication for Critical Function). Affected product: Quantenna Wi‑Fi chipset through SDK version 8.0.0.28. Reported impact: potential unauthorized access via...

Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips

During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability is referenced as CVE-2019-15126 and could allow an...

Huawei EulerOS: Security Advisory for linux-firmware (EulerOS-SA-2020-1997)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A Flaw in Billions of Wi-Fi Chips Let Attackers Decrypt Data

Affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and various Wi-Fi routers...

CVE-2017-11122

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading...

Input validation

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading...

Broadcom ICMPv6 Information Leak Vulnerability

Exploit for hardware platform in category dos / poc Broadcom: Information Leak in ICMPv6 Router Advertisement Offloading CVE-2017-11122 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers,...

CVE-2017-11122

CVE-2017-11122 affects Broadcom BCM4355C0 Wi‑Fi chips, where ICMPv6 router advertisement offloading can leak information due to insufficient length validation. The description across sources (NVD/NVF, CNVD, SUSE, CVE.org, 0day exploit listing) consistently identifies an information disclosure vul...

Stack overflow

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205...

CVE-2017-11120

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204...

Google Researcher Publishes PoC Exploit for Apple iPhone Wi-Fi Chip Hack

You have now another good reason to update your iPhone to newly released iOS 11—a security vulnerability in iOS 10 and earlier now has a working exploit publicly available. Gal Beniamini, a security researcher with Google Project Zero, has discovered a security vulnerability CVE-2017-11120 in...

CVE-2017-9417

Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue...

CVE-2017-9417

CVE-2017-9417 affects Broadcom BCM43xx Wi‑Fi chips (Broadpwn). Reported as a memory corruption flaw in the Wi‑Fi firmware/chip enabling remote arbitrary code execution by a nearby attacker. Apple security updates reference this CVE in AirPort/Wi‑Fi contexts and list patches (e.g., AirPort/Broadco...

CVE-2017-9417

Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue...

CVE-2012-2619

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service out-of-bounds read and Wi-Fi outage via an RSN 802.11i information element...

Out-of-bounds

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service out-of-bounds read and Wi-Fi outage via an RSN 802.11i information element...

CVE-2012-2619

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service out-of-bounds read and Wi-Fi outage via an RSN 802.11i information element...

CVE-2012-2619

The CVE-2012-2619 entry concerns a flaw in Broadcom BCM4325/ BCM4329 Wi‑Fi firmware that handles 802.11i information elements. An out-of-bounds read could be triggered by a remote attacker on the same Wi‑Fi network, potentially causing a Wi‑Fi outage or device instability. Apple TV advisories cor...