48 matches found
FiberHome HG6544C 安全漏洞
The FiberHome HG6544C is a router from China's FiberHome that is equipped with an indicator light and an Ethernet LAN interface. A security vulnerability exists in the FiberHome HG6544C RP2743 version, which stems from a cross-site scripting vulnerability that allows an attacker to execute...
TOTOLINK CPE CP450 安全漏洞
TOTOLINK CPE CP450 is an outdoor wireless client terminal device from China Gion Electronics TOTOLINK, which is mainly used to provide wireless broadband access services, especially for wireless network coverage in rural or remote areas. A security vulnerability exists in the TOTOLINK CPE CP450...
wpa_supplicant: potential authorization bypass
A flaw was found in wpasupplicant's implementation of PEAP. This issue may allow an attacker to skip the second phase of authentication when the target device has not been properly configured to verify the authentication server. By skipping the second phase of authentication, it’s easier for an...
PT-2024-28081 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the wifi: mt76: connac component, where the wcid can be NULL. To avoid crashes, it is necessary to check...
CVE-2023-20268
A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...
Race condition
A vulnerability in the networking component of Cisco access point AP software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an...
CVE-2023-20268 Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability
A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...
kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer
A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...
kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer
A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...
SUSE CVE-2019-15126
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a...
The vulnerability in the web interface of Hirschmann BAT-C2’s WLAN-client microprogramming software allows a hacker to perform arbitrary actions.
The vulnerability of the web interface for managing WLAN client micro-programming software Hirschmann BAT-C2 exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
CVE-2022-20728
CVE-2022-20728 describes a VLAN-bypass flaw in the client forwarding code of multiple Cisco Access Points. An unauthenticated, adjacent attacker can inject packets from the native VLAN to nonnative VLAN clients due to a logic error that forwards packets destined to a wireless client when received...
CVE-2022-20728 Cisco Access Points VLAN Bypass from Native VLAN Vulnerability
A vulnerability in the client forwarding code of multiple Cisco Access Points APs could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards...
CVE-2021-40288
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames...
TP-Link AX10安全漏洞
TP-Link AX10 is a router from Tp-link, China. TP-Link AX10 has a security vulnerability that could be exploited to disconnect a connected wireless client by sending a spoofed authentication frame specific to the wireless adapter...
Authentication flaw
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43445)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in the wireless client Simple Network Management Protocol SNMP trap generation of the Cisco IOS XE used by the Cisco Catalyst 9000 series,...
Design/Logic Flaw
A vulnerability in the internal packet processing of Cisco Aironet Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected AP if the switch interface where the AP is connected has port security configured. The...
CVE-2018-18376
goform/getWlanClientInfo in Orange AirBox Y858FL01.1604 allows remote attackers to discover information about currently connected devices hostnames, IP addresses, MAC addresses, and connection time via the rand parameter...
CVE-2016-5055
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...