Noisy Networks, Nosy Neighbors: Simple Privacy Attacks against Residential Wireless Traffic

Smart devices, such as light bulbs, TVs, fridges, etc., equipped with computing capabilities and wireless communication, are part of everyday life in many households. Previous work has already shown that a passive eavesdropper can derive private information, household routines, etc., from the...

Astra Linux - уязвимость в linux, linux-5.10

“Specifically timed and handcrafted traffic can cause internal errors in a WLAN device, leading to improper Layer 2 Wi-Fi encryption. This may result in information disclosure over the air for a specific set of traffic.” In Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon...

EUVD-2017-7911

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-018712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-018712 advisory. u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility ...

WiFinger: Fingerprinting Noisy IoT Event Traffic Using Packet-Level Sequence Matching

IoT environments such as smart homes are susceptible to privacy inference attacks, where attackers can analyze patterns of encrypted network traffic to infer the state of devices and even the activities of people. While most existing attacks exploit ML techniques for discovering such traffic...

Micro Research MR-GM Series Trust Management Issues Vulnerabilities

The Micro Research MR-GM Series is a line of USB-based mobile data communication cards from Micro Research. A security vulnerability exists in Micro Research MR-GM Series version 3.00.03 and earlier, which stems from a Use of Default Credentials vulnerability that could allow an unauthenticated...

CVE-2023-20268

A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...

Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability

A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...

Moxa NPort W2150A and W2250A Credentials Management (CVE-2017-16727)

A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user can access the device without a password. An unauthorized user has the ability to completely...

PT-2018-13283 · Technicolor · Tc8305C Firmware

Technicolor formerly RCA TC8305C devices allow remote attackers to cause a denial of service networking outage via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a...

CVE-2017-7103

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service memory...

wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key GTK during a Wireles...

Zizzania - Automated DeAuth Attack

zizzania sniffs wireless traffic listening for WPA handshakes and dumping only those frames suitable to be decrypted one beacon + EAPOL frames + data. In order to speed up the process, zizzania sends IEEE 802.11 DeAuth frames to the stations whose handshake is needed, properly handling...

CVE-2012-1327

dot11t/tifdot11halath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service assertion failure and reboot via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391...

Code injection

dot11t/tifdot11halath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service assertion failure and reboot via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391...

CVE-2012-1327

dot11t/tifdot11halath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service assertion failure and reboot via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391...