18 matches found
CVE-2018-9581
In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSICHANGE and android.net.wifi.STATECHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2020-12492
Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information...
EUVD-2020-4794
Malware in sbrugna...
EUVD-2022-36733
Malicious code in bioql PyPI...
CVE-2022-22266
Applicable to China models only Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission...
UBUNTU-CVE-2025-37973
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Currently during the multi-link element defragmentation process, the multi-link element length added to the total IEs length when calculating the...
CVE-2020-12492 Wifi information acquisition vulnerability in Framework Services
Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information...
CVE-2020-12492
The CVE-2020-12492 case involves vivo Framework Services, where improper handling of WiFi information by framework services can allow certain malicious apps to obtain sensitive data. Several connected sources provide concrete details: vulnerable software is vivo Framework Services on Vivo devices...
vivo Framework Services 安全漏洞
vivo Framework Services is a framework service from the Chinese company vivo. A security vulnerability exists in versions prior to vivo Framework Services 11, which stems from mishandling of WiFi information and could allow certain malicious applications to obtain sensitive information...
PT-2024-11729 · Totolink · Totolink N200Re V5
Name of the Vulnerable Software and Affected Versions: Totolink N200RE V5 version V9.3.5u.6255 B20211224 Description: The issue allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page due to Incorrect Access...
CVE-2022-33694
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting...
CVE-2022-33694
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting...
CVE-2022-33694
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting...
Information disclosure
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting...
CVE-2022-33694
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting...
CVE-2022-22266
Applicable to China models only Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission...
Code injection
Applicable to China models only Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission...
CVE-2018-9489
When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Andro...