25 matches found
FreeBSD : FreeBSD -- Remote code execution via installer Wi-Fi access point scans (039c0ab0-54b7-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 039c0ab0-54b7-11f1-8d7a-bc241121aa0a advisory. When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of...
CVE-2026-32721
A flaw was found in LuCI, the OpenWrt Configuration Interface. A remote attacker can exploit a stored Cross-Site Scripting XSS vulnerability in the wireless scan modal by crafting a malicious Wi-Fi network name SSID. When a user opens the wireless scan modal, the unsanitized SSID is rendered as r...
CVE-2026-32721
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
CVE-2026-32721
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
EUVD-2026-13382
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
PT-2026-26450
Name of the Vulnerable Software and Affected Versions LuCI versions prior to 24.10.5 and 25.12.0 Description LuCI, the OpenWrt Configuration Interface, is affected by a stored Cross-Site Scripting XSS issue within the wireless scan modal. The system renders SSID values from scan results as raw HT...
The vulnerability of the cfg80211gen_new_ie() function in the net/wireless/scan.c module, which supports wireless communication in Linux kernels, allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the cfg80211gennewie function in the net/wireless/scan.c module, which supports wireless communication in Linux kernels, stems from the copying of buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow a...
DEBIAN-CVE-2022-49942
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel "switch" announcement doesn't make any sense. The BSS list is empty in that case. This causes the fo...
PT-2024-11258 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns a fix for the skb length check in the ieee80211 scan rx function within the mac80211 module. It replaces hard-coded compile-time constants for header length checks...
kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
A list corruption flaw was found in cfg80211addnontranslist in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service...
kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans()
A buffer overflow flaw was found in the u8 overflow in cfg80211updatenotlistednontrans in net/wireless/scan.c in the Linux kernel’s wifi subcomponent. This flaw allows an attacker to crash the system or leak internal kernel information...
kernel: use-after-free in bss_ref_get in net/wireless/scan.c
A use-after-free flaw was found in bssrefget in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution...
kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
A list corruption flaw was found in cfg80211addnontranslist in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service...
kernel: use-after-free in bss_ref_get in net/wireless/scan.c
A use-after-free flaw was found in bssrefget in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution...
kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
A list corruption flaw was found in cfg80211addnontranslist in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service...
kernel: use-after-free in bss_ref_get in net/wireless/scan.c
A use-after-free flaw was found in bssrefget in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution...
kernel: use-after-free in bss_ref_get in net/wireless/scan.c
A use-after-free flaw was found in bssrefget in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution...