EUVD-2026-31559

A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument submit-url can lead to buffer overflow. The attack may be performed from remote. The exploit has bee...

PT-2026-26548

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wireless device dissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be use...

ROS-20260317-73-0036

A vulnerability in the ieee80211isvalidamsdu and ieee80211amsduto8023s net/wireless/util.c. functions of the Linux operating system kernel is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-2530

A weakness has been identified in Wavlink WL-WN579A3 up to 20210219. This affects the function AddMac of the file /cgi-bin/wireless.cgi. This manipulation of the argument macAddr causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to th...

CVE-2026-2526

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

CVE-2026-2529

Wavlink WL-WN579A3 is affected by CVE-2026-2529 in the DeleteMac function of /cgi-bin/wireless.cgi. The delete_list argument can be manipulated to trigger command injection, enabling remote code execution. Affected firmware is listed as up to 20210219. Public sources consistently describe remote ...

WAVLINK WL-WN579A3 命令注入漏洞

The WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The Wavlink WL-WN579A3 versions prior to 20210219 have a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter SSID2G2 in the function...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003659 advisory. An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to ...

kernel: wifi: cfg80211: fix use-after-free in cmp_bss()

A use after free vulnerbility exists in the linux kernel wifi module in the cmpbss function,an attacker could create a crafted payload to trigger, leading to damage availability and integrity of the system...

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which stems from improper handling of a specially crafted POST request for actionwireless in the file /usr/lib/lua/luci/control/admin/wireless.lua, which...

Tenda A15 Buffer Overflow Vulnerability

Tenda A15 is a wireless router device from Tenda. A buffer overflow vulnerability exists in Tenda A15 version 15.13.07.13, which originates from the improper handling of the wpapskcrypto24g parameter in the fromSetWirelessRepeat function in the /goform/openNetworkGateway file. An attacker can...

UBUNTU-CVE-2023-53153

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on reconnect and can hold data from a previous connection. Reset key data to avoid that drivers or mac80211 incorrectly detect a WEP...

CVE-2025-36901

WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223...

Linux Distros Unpatched Vulnerability : CVE-2019-17133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 5.3.2, cfg80211mgdwextgiwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. CVE-2019-171...

TP-LINK TL-WR841N 安全漏洞

TP-LINK TL-WR841N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR841N V11 version, which originates from insufficient validation of input parameters in the /userRpm/WzdWlanSiteSurveyRpmAP.htm file, which could result in a buffer overflow and denia...

MediaTek WLAN Vulnerability - Lenovo Support US

No description provided...

CVE-2024-57482

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST reques...

CVE-2023-20661

In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782...

PT-2025-29070

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the p54 driver where a malicious USB device pretending to be an Intersil p54 wifi interface can cause a buffer overflow in the p54 rx eeprom readbac...

CVE-2024-58014 wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlcphyiqcalgainparamsnphy In 'wlcphyiqcalgainparamsnphy', add gain range check to WARN instead of possible out-of-bounds 'tbliqcalgainparamsnphy' access. Compile tested only. Found by Linux...