Sony Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N, WI-SP600N Security Vulnerabilities

cisco

Cisco IOS XE Software for Wireless LAN Controllers Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show....

7.1 AI Score

0.0004 EPSS

2024-03-27 04:00 PM
26
cisco

Cisco Aironet Access Point Software Resource Exhaustion Denial of Service Vulnerability

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping....

7.2 AI Score

0.0004 EPSS

2024-03-27 04:00 PM
8
cisco

Cisco Access Point Software Denial of Service Vulnerability

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could.....

7.3 AI Score

0.0004 EPSS

2024-03-27 04:00 PM
14
cisco

Cisco Access Point Software Secure Boot Bypass Vulnerability

A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary...

7 AI Score

0.0004 EPSS

2024-03-27 04:00 PM
11
cisco

Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS Denial of Service Vulnerability

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An...

7.2 AI Score

0.0004 EPSS

2024-03-27 04:00 PM
17
nvd

CVE-2023-51148

An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface...

7.5 AI Score

0.0004 EPSS

2024-03-26 09:15 PM
cve

CVE-2023-51148

An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface...

7.8 AI Score

0.0004 EPSS

2024-03-26 09:15 PM
33
cvelist

CVE-2023-51148

An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface...

7.7 AI Score

0.0004 EPSS

2024-03-26 12:00 AM
openvas

Fedora: Security Advisory for iwd (FEDORA-2024-3fa713f2e0)

The remote host is missing an update for...

7.5 CVSS

7.6 AI Score

0.001 EPSS

2024-03-25 12:00 AM
6
openvas

Fedora: Security Advisory for iwd (FEDORA-2024-4ef5edfb2a)

The remote host is missing an update for...

7.5 CVSS

7.6 AI Score

0.001 EPSS

2024-03-25 12:00 AM
4
openvas

Fedora: Security Advisory for wireshark (FEDORA-2024-4115ab9959)

The remote host is missing an update for...

7.1 AI Score

0.0004 EPSS

2024-03-25 12:00 AM
1
openvas

Fedora: Security Advisory for iwd (FEDORA-2024-58c59bfa4c)

The remote host is missing an update for...

7.5 CVSS

7.6 AI Score

0.001 EPSS

2024-03-25 12:00 AM
7
fedora

[SECURITY] Fedora 40 Update: iwd-2.16-1.fc40

The daemon and utilities for controlling and configuring the Wi-Fi network...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2024-03-23 12:49 AM
4
fedora

[SECURITY] Fedora 40 Update: wireshark-4.2.3-1.fc40

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

6.7 AI Score

0.0004 EPSS

2024-03-23 12:48 AM
4
fedora

[SECURITY] Fedora 40 Update: iwd-2.15-1.fc40

The daemon and utilities for controlling and configuring the Wi-Fi network...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2024-03-23 12:44 AM
13
malwarebytes

Canada revisits decision to ban Flipper Zero

In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesn't....

7.2 AI Score

2024-03-22 06:43 PM
11
cnvd

Tenda AC10 OS Command Injection Vulnerability (CNVD-2024-15743)

The Tenda AC10 is a wireless router from the Chinese company Tenda. Tenda AC10U version 15.03.06.49 suffers from an operating system command injection vulnerability, which originates from the mac parameter of the formWriteFacMac function of the /goform/WriteFacMac file failing to correctly filter.....

6.3 CVSS

7.6 AI Score

0.0005 EPSS

2024-03-22 12:00 AM
4
talosblog

“Pig butchering” is an evolution of a social engineering tactic we’ve seen for years

Whether you want to call them "catfishing," "pig butchering" or just good 'old-fashioned "social engineering," romance scams have been around forever. I was first introduced to them through the MTV show "Catfish," but recently they seem to be making headlines as the term "pig butchering" enters...

8.1 AI Score

2024-03-21 06:00 PM
13
talosblog

Netgear wireless router open to code execution after buffer overflow vulnerability

Cisco Talos' Vulnerability Research team recently disclosed three vulnerabilities across a range of products, including one that could lead to remote code execution in a popular Netgear wireless router designed for home networks. There is also a newly disclosed vulnerability in a graphics driver...

7.8 CVSS

8.9 AI Score

0.0005 EPSS

2024-03-20 04:00 PM
14
nvd

CVE-2024-29419

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before...

5.8 AI Score

0.0004 EPSS

2024-03-20 03:15 PM
cve

CVE-2024-29419

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before...

6 AI Score

0.0004 EPSS

2024-03-20 03:15 PM
30
cvelist

CVE-2024-29419

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before...

6 AI Score

0.0004 EPSS

2024-03-20 12:00 AM
1
cve

CVE-2024-28092

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name,...

5.9 AI Score

0.0004 EPSS

2024-03-19 09:15 PM
27
nvd

CVE-2024-28092

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name,...

5.8 AI Score

0.0004 EPSS

2024-03-19 09:15 PM
cvelist

CVE-2024-28092

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name,...

5.8 AI Score

0.0004 EPSS

2024-03-19 12:00 AM
nessus

Cisco Products Affected by Broadcom MediaxChange Buffer Overflow (CVE-2021-33478)

The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and....

6.8 CVSS

7.1 AI Score

0.001 EPSS

2024-03-18 12:00 AM
7
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26142)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

5.3 CVSS

5.6 AI Score

0.001 EPSS

2024-03-18 12:00 AM
10
nessus

Cisco IP Phones 8800 Series Path Traversal (CVE-2019-1765)

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level...

8.1 CVSS

6.5 AI Score

0.001 EPSS

2024-03-18 12:00 AM
9
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24587)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

2.6 CVSS

6.1 AI Score

0.001 EPSS

2024-03-18 12:00 AM
10
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24588)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

3.5 CVSS

6.2 AI Score

0.002 EPSS

2024-03-18 12:00 AM
8
saint

FortiWLM progressfile command injection

Added: 03/18/2024 Background Fortinet Wireless Manager (FortiWLM) allows you to manage wireless networks on FortiGates. Problem A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by calling the deleteprogressfile function with a specially crafted...

8.7 AI Score

2024-03-18 12:00 AM
59
nessus

Cisco IP Phones 8800 Series Authorization Bypass (CVE-2019-1763)

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability...

7.5 CVSS

7.8 AI Score

0.002 EPSS

2024-03-18 12:00 AM
12
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26140)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

6.5 CVSS

6.8 AI Score

0.002 EPSS

2024-03-18 12:00 AM
8
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26143)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

6.5 CVSS

6.8 AI Score

0.002 EPSS

2024-03-18 12:00 AM
10
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26144)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

6.5 CVSS

6.8 AI Score

0.001 EPSS

2024-03-18 12:00 AM
8
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26147)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

5.4 CVSS

6.8 AI Score

0.001 EPSS

2024-03-18 12:00 AM
9
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26139)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

5.3 CVSS

6.6 AI Score

0.002 EPSS

2024-03-18 12:00 AM
8
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26141)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

6.5 CVSS

7.2 AI Score

0.002 EPSS

2024-03-18 12:00 AM
7
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26145)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

6.5 CVSS

7.2 AI Score

0.001 EPSS

2024-03-18 12:00 AM
9
nessus

Cisco IP Phones 7800 Series and 8800 Series Remote Code Execution (CVE-2019-1716)

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The...

9.8 CVSS

9.9 AI Score

0.006 EPSS

2024-03-18 12:00 AM
6
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26146)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

5.3 CVSS

6.2 AI Score

0.001 EPSS

2024-03-18 12:00 AM
4
nessus

Cisco IP Phones 7800 Series and 8800 Series and Cisco Wireless IP Phone 8821 Denial of Service (CVE-2018-0325)

A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is...

7.5 CVSS

7.7 AI Score

0.002 EPSS

2024-03-18 12:00 AM
3
nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24586)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...

3.5 CVSS

6 AI Score

0.001 EPSS

2024-03-18 12:00 AM
9
nessus

Cisco IP Phones 8800 Series Cross-Site Request Forgery (CVE-2019-1764)

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for...

8.8 CVSS

8.8 AI Score

0.001 EPSS

2024-03-18 12:00 AM
6
saint

FortiWLM progressfile command injection

Added: 03/18/2024 Background Fortinet Wireless Manager (FortiWLM) allows you to manage wireless networks on FortiGates. Problem A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by calling the deleteprogressfile function with a specially crafted...

8.7 AI Score

2024-03-18 12:00 AM
21
veracode

Improper Authentication

wpa_supplicant is vulnerable to the Improper Authentication vulnerability. The vulnerability arises because wpa_supplicant can be configured to skip TLS certificate verification during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be exploited to bypass Phase 2...

6.5 CVSS

6.7 AI Score

0.001 EPSS

2024-03-17 07:28 PM
8
fedora

[SECURITY] Fedora 39 Update: iwd-2.16-1.fc39

The daemon and utilities for controlling and configuring the Wi-Fi network...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2024-03-16 01:17 AM
6
nvd

CVE-2024-28401

TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless...

5.8 AI Score

0.0004 EPSS

2024-03-15 05:15 PM
cve

CVE-2024-28401

TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless...

6 AI Score

0.0004 EPSS

2024-03-15 05:15 PM
27
cve

CVE-2023-7003

The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener...

6.8 AI Score

0.0004 EPSS

2024-03-15 05:15 PM
32
Total number of security vulnerabilities: 23373