CVE-2021-22673

The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...

CVE-2024-41161

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...

EUVD-2020-28737

Malware in sbrugna...

EUVD-2024-36395

Malicious code in bioql PyPI...

Malicious code in node-firefox-find-wifi-devices (npm)

The package node-firefox-find-wifi-devices was found to contain malicious code...

MAL-2025-27622 Malicious code in node-firefox-find-wifi-devices (npm)

The package node-firefox-find-wifi-devices was found to contain malicious code...

UBUNTU-CVE-2023-53086

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: connac: do not check WED status for non-mmio devices WED is supported just for mmio devices, so do not check it for usb or sdio devices. This patch fixes the crash reported below: 21.946627 wlp0s3u1i3: authenticate wi...

CVE-2024-42001

An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active...

CVE-2024-37023

Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters...

CVE-2024-46383

CVE-2024-46383 affects Hathway Skyworth Router CM5100-511, version 4.1.1.24. The issue is storage of sensitive information about USB and Wi-Fi–connected devices in plaintext, enabling potential exposure. Documented root cause and impact are plaintext storage; exploitation details are not provided...

The vulnerabilities of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, DSL/Ethernet CPE routers allow attackers to cause service interruptions.

The vulnerability of microprogrammed software in Wi-Fi transceivers, Wi-Fi amplifiers, Fiber ONTs, and DSL/Ethernet CPE routers lies in the fact that the operation data is exposed beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...

dBmonster - Track WiFi Devices With Their Recieved Signal Strength

With dBmonster you are able to scan for nearby WiFi devices and track them trough the signal strength dBm of their sent packets sniffed with TShark. These dBm values will be plotted to a graph with matplotlib. It can help you to identify the exact location of nearby WiFi devices use a directional...

Old bugs exposing all WiFi enabled devices to FragAttacks

By Waqas Among 75 WiFi devices tested; all were found to be vulnerable to one of the FragAttacks. This is a post from HackRead.com Read the original post: Old bugs exposing all WiFi enabled devices to FragAttacks...

Command injection

An issue was discovered on KT Slim egg IML500 R7283, R8112, R8424 and IML520 R8112, R8368, R8411 wifi device. This issue is a command injection allowing attackers to execute arbitrary OS commands...

CVE-2020-7805

CVE-2020-7805 affects KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) WiFi devices. The vulnerability is a command injection that allows an attacker to execute arbitrary OS commands. The connected documents provide the affected device models and the nature of the flaw bu...

CVE-2019-20095

A flaw was found in the Linux kernel's mwifiex driver implementation when connecting to other WiFi devices in "Test Mode." A kernel memory leak can occur if an error condition is met during the parameter negotiation. This issue can lead to a denial of service if multiple error conditions meeting...

CVE-2018-15480

An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The cloud API had a hidden parameter, which allowed an authenticated...

WePresent WiPG-1000 Command Injection

This module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...