848 matches found
CVE-2026-20408
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461651; Issue ID: MSV-4758...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fixed node corruption in the “ar-arvifs” list In the current WLAN recovery code flow, ath11kcorehalt only re initializes the “arvifs” list head. This causes the list node immediately following the list head to becom...
PT-2026-3773
Name of the Vulnerable Software and Affected Versions Tenda AX-1803 version 1.0.0.1 Description The Tenda AX-1803 router contains a stack overflow in the ssid parameter of the form fast setting wifi set function. This issue allows attackers to cause a Denial of Service DoS by sending a crafted...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001081)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001081 advisory. The ozusbhandleepdata function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial...
Each Italy Wireless Mini Router WIRELESS-N 300M has code-related vulnerabilities.
The Each Italy Wireless Mini Router WIRELESS-N 300M is a wireless router produced by Each Italy. There are code vulnerabilities in versions prior to 6.10.5 and 6.11.1, which stem from insecure .NET Remoting exposure in the SmartCardController service. These vulnerabilities could lead to arbitrary...
CVE-2026-0404 Insufficient input validation in NETGEAR Orbi routers
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
CVE-2023-43533
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000485)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000485 advisory. A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless...
CVE-2025-65823
The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...
CVE-2025-65822
The ESP32 system on a chip SoC that powers the Meatmeet Pro was found to have JTAG enabled. By leaving JTAG enabled on an ESP32 in a commercial product an attacker with physical access to the device can connect over this port and reflash the device's firmware with malicious code which will be...
CVE-2025-65821
As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...
CVE-2025-65822
The ESP32 system on a chip SoC that powers the Meatmeet Pro was found to have JTAG enabled. By leaving JTAG enabled on an ESP32 in a commercial product an attacker with physical access to the device can connect over this port and reflash the device's firmware with malicious code which will be...
CVE-2025-65826
CVE-2025-65826 affects the Meatmeet Pro mobile application (examples in multiple disclosures show the vulnerability stemming from hard-coded/stored network credentials within the app). The issue enables attackers who obtain the credentials and the device’s Wi‑Fi network location to gain unauthori...
Sony SNC-CX600W 跨站脚本漏洞
The Sony SNC-CX600W is a wireless network HD camcorder from Sony Japan. A cross-site scripting vulnerability exists in all versions of the Sony SNC-CX600W, which stems from susceptibility to cross-site scripting attacks that could lead to the execution of arbitrary scripts...
MediaTek 2025-11 WLAN Vulnerabilities - Lenovo Support US
No description provided...
Tenda AC18 安全漏洞
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by th...
CVE-2022-50596
D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to execute arbitrary commands on the device with root privileges. The flaw specifically exists within...
CVE-2025-20733
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00441509; Issue ID: MSV-4138...
CVE-2025-20729
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-415...
CVE-2025-41108
The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station tablet and gaining unauthorised full control of the robot. The absence of encryption and authenticati...