Lucene search

K
W1.fiWpa Supplicant

7 matches found

CVE
CVE
added 2019/09/12 8:15 p.m.454 views

CVE-2019-16275

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a cra...

6.5CVSS6.3AI score0.0084EPSS
CVE
CVE
added 2024/02/22 5:15 p.m.365 views

CVE-2023-52160

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 auth...

6.5CVSS6.2AI score0.01285EPSS
CVE
CVE
added 2018/08/08 7:29 p.m.359 views

CVE-2018-14526

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive informa...

6.5CVSS5.7AI score0.00726EPSS
CVE
CVE
added 2017/10/17 2:29 a.m.328 views

CVE-2017-13077

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8CVSS7.3AI score0.00585EPSS
CVE
CVE
added 2017/10/17 1:29 p.m.217 views

CVE-2017-13086

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8CVSS7.2AI score0.00304EPSS
CVE
CVE
added 2017/10/17 1:29 p.m.106 views

CVE-2017-13084

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8CVSS7AI score0.00451EPSS
CVE
CVE
added 2014/10/16 12:55 a.m.75 views

CVE-2014-3686

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

6.8CVSS6AI score0.04511EPSS