Lucene search
+L

48 matches found

CNNVD
CNNVD
added 2024/11/01 12:0 a.m.5 views

FiberHome HG6544C 安全漏洞

The FiberHome HG6544C is a router from China's FiberHome that is equipped with an indicator light and an Ethernet LAN interface. A security vulnerability exists in the FiberHome HG6544C RP2743 version, which stems from a cross-site scripting vulnerability that allows an attacker to execute...

4.8CVSS6.8AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.6 views

TOTOLINK CPE CP450 安全漏洞

TOTOLINK CPE CP450 is an outdoor wireless client terminal device from China Gion Electronics TOTOLINK, which is mainly used to provide wireless broadband access services, especially for wireless network coverage in rural or remote areas. A security vulnerability exists in the TOTOLINK CPE CP450...

8.6CVSS6.8AI score0.2076EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/04/30 10:22 a.m.6 views

wpa_supplicant: potential authorization bypass

A flaw was found in wpasupplicant's implementation of PEAP. This issue may allow an attacker to skip the second phase of authentication when the target device has not been properly configured to verify the authentication server. By skipping the second phase of authentication, it’s easier for an...

6.5CVSS7.3AI score0.01177EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.14 views

PT-2024-28081 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the wifi: mt76: connac component, where the wcid can be NULL. To avoid crashes, it is necessary to check...

9.1CVSS6.5AI score0.01219EPSS
Exploits11References900
NVD
NVD
added 2023/09/27 6:15 p.m.28 views

CVE-2023-20268

A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...

4.7CVSS4.8AI score0.00236EPSS
Exploits0References1
Prion
Prion
added 2023/09/27 6:15 p.m.21 views

Race condition

A vulnerability in the networking component of Cisco access point AP software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an...

5CVSS8.2AI score0.00653EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2023/09/27 5:22 p.m.26 views

CVE-2023-20268 Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability

A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...

4.7CVSS5.1AI score0.00236EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer

A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...

7.8CVSS6.8AI score0.00284EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer

A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...

7.8CVSS6.8AI score0.00284EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.4 views

SUSE CVE-2019-15126

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a...

3.1CVSS6.7AI score0.07709EPSS
Exploits7References16
BDU FSTEC
BDU FSTEC
added 2022/12/27 12:0 a.m.8 views

The vulnerability in the web interface of Hirschmann BAT-C2’s WLAN-client microprogramming software allows a hacker to perform arbitrary actions.

The vulnerability of the web interface for managing WLAN client micro-programming software Hirschmann BAT-C2 exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

7.5CVSS8.2AI score0.02694EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/09/30 6:45 p.m.81 views

CVE-2022-20728

CVE-2022-20728 describes a VLAN-bypass flaw in the client forwarding code of multiple Cisco Access Points. An unauthenticated, adjacent attacker can inject packets from the native VLAN to nonnative VLAN clients due to a logic error that forwards packets destined to a wireless client when received...

4.7CVSS4.9AI score0.00249EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/30 6:45 p.m.14 views

CVE-2022-20728 Cisco Access Points VLAN Bypass from Native VLAN Vulnerability

A vulnerability in the client forwarding code of multiple Cisco Access Points APs could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards...

4.7CVSS7AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/07 7:13 p.m.28 views

CVE-2021-40288

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames...

7.8AI score0.022EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.6 views

TP-Link AX10安全漏洞

TP-Link AX10 is a router from Tp-link, China. TP-Link AX10 has a security vulnerability that could be exploited to disconnect a connected wireless client by sending a spoofed authentication frame specific to the wireless adapter...

7.8CVSS5.6AI score0.022EPSS
Exploits0References2
Prion
Prion
added 2021/09/27 5:15 p.m.21 views

Authentication flaw

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames...

7.8CVSS7.6AI score0.02334EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2020/09/25 12:0 a.m.11 views

Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43445)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in the wireless client Simple Network Management Protocol SNMP trap generation of the Cisco IOS XE used by the Cisco Catalyst 9000 series,...

7.4CVSS6.7AI score0.00639EPSS
Exploits0References1
Prion
Prion
added 2019/04/18 2:29 a.m.16 views

Design/Logic Flaw

A vulnerability in the internal packet processing of Cisco Aironet Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected AP if the switch interface where the AP is connected has port security configured. The...

3.3CVSS6.5AI score0.00631EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/10/16 1:29 a.m.6 views

CVE-2018-18376

goform/getWlanClientInfo in Orange AirBox Y858FL01.1604 allows remote attackers to discover information about currently connected devices hostnames, IP addresses, MAC addresses, and connection time via the rand parameter...

7.5CVSS5.8AI score0.01518EPSS
Exploits1References1
NVD
NVD
added 2017/04/10 3:59 a.m.15 views

CVE-2016-5055

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

6.1CVSS6.1AI score0.00819EPSS
Exploits1References1
Rows per page
Query Builder