Cisco IOS XE Software for Wireless LAN Controllers Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show....
7.1AI Score
0.0004EPSS
Cisco Aironet Access Point Software Resource Exhaustion Denial of Service Vulnerability
A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping....
7.2AI Score
0.0004EPSS
Cisco Access Point Software Denial of Service Vulnerability
A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could.....
7.3AI Score
0.0004EPSS
Cisco Access Point Software Secure Boot Bypass Vulnerability
A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary...
7AI Score
0.0004EPSS
Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS Denial of Service Vulnerability
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An...
7.2AI Score
0.0004EPSS
An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface...
7.5AI Score
0.0004EPSS
An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface...
7.8AI Score
0.0004EPSS
An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface...
7.7AI Score
0.0004EPSS
Fedora: Security Advisory for iwd (FEDORA-2024-3fa713f2e0)
The remote host is missing an update for...
7.5CVSS
7.6AI Score
0.001EPSS
Fedora: Security Advisory for iwd (FEDORA-2024-4ef5edfb2a)
The remote host is missing an update for...
7.5CVSS
7.6AI Score
0.001EPSS
Fedora: Security Advisory for wireshark (FEDORA-2024-4115ab9959)
The remote host is missing an update for...
7.1AI Score
0.0004EPSS
Fedora: Security Advisory for iwd (FEDORA-2024-58c59bfa4c)
The remote host is missing an update for...
7.5CVSS
7.6AI Score
0.001EPSS
[SECURITY] Fedora 40 Update: iwd-2.16-1.fc40
The daemon and utilities for controlling and configuring the Wi-Fi network...
7.5CVSS
7.7AI Score
0.001EPSS
[SECURITY] Fedora 40 Update: wireshark-4.2.3-1.fc40
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
6.7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: iwd-2.15-1.fc40
The daemon and utilities for controlling and configuring the Wi-Fi network...
7.5CVSS
7.7AI Score
0.001EPSS
Canada revisits decision to ban Flipper Zero
In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesn't....
7.2AI Score
Tenda AC10 OS Command Injection Vulnerability (CNVD-2024-15743)
The Tenda AC10 is a wireless router from the Chinese company Tenda. Tenda AC10U version 15.03.06.49 suffers from an operating system command injection vulnerability, which originates from the mac parameter of the formWriteFacMac function of the /goform/WriteFacMac file failing to correctly filter.....
6.3CVSS
7.6AI Score
0.0005EPSS
“Pig butchering” is an evolution of a social engineering tactic we’ve seen for years
Whether you want to call them "catfishing," "pig butchering" or just good 'old-fashioned "social engineering," romance scams have been around forever. I was first introduced to them through the MTV show "Catfish," but recently they seem to be making headlines as the term "pig butchering" enters...
8.1AI Score
Netgear wireless router open to code execution after buffer overflow vulnerability
Cisco Talos' Vulnerability Research team recently disclosed three vulnerabilities across a range of products, including one that could lead to remote code execution in a popular Netgear wireless router designed for home networks. There is also a newly disclosed vulnerability in a graphics driver...
7.8CVSS
8.9AI Score
0.0005EPSS
There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before...
5.8AI Score
0.0004EPSS
There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before...
6AI Score
0.0004EPSS
There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before...
6AI Score
0.0004EPSS
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name,...
5.9AI Score
0.0004EPSS
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name,...
5.8AI Score
0.0004EPSS
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name,...
5.8AI Score
0.0004EPSS
Cisco Products Affected by Broadcom MediaxChange Buffer Overflow (CVE-2021-33478)
The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and....
6.8CVSS
7.1AI Score
0.001EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26142)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
5.3CVSS
5.6AI Score
0.001EPSS
Cisco IP Phones 8800 Series Path Traversal (CVE-2019-1765)
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level...
8.1CVSS
6.5AI Score
0.001EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24587)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
2.6CVSS
6.1AI Score
0.001EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24588)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
3.5CVSS
6.2AI Score
0.002EPSS
FortiWLM progressfile command injection
Added: 03/18/2024 Background Fortinet Wireless Manager (FortiWLM) allows you to manage wireless networks on FortiGates. Problem A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by calling the deleteprogressfile function with a specially crafted...
8.7AI Score
Cisco IP Phones 8800 Series Authorization Bypass (CVE-2019-1763)
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability...
7.5CVSS
7.8AI Score
0.002EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26140)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
6.5CVSS
6.8AI Score
0.002EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26143)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
6.5CVSS
6.8AI Score
0.002EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26144)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
6.5CVSS
6.8AI Score
0.001EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26147)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
5.4CVSS
6.8AI Score
0.001EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26139)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
5.3CVSS
6.6AI Score
0.002EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26141)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
6.5CVSS
7.2AI Score
0.002EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26145)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
6.5CVSS
7.2AI Score
0.001EPSS
Cisco IP Phones 7800 Series and 8800 Series Remote Code Execution (CVE-2019-1716)
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The...
9.8CVSS
9.9AI Score
0.006EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26146)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
5.3CVSS
6.2AI Score
0.001EPSS
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is...
7.5CVSS
7.7AI Score
0.002EPSS
Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24586)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames...
3.5CVSS
6AI Score
0.001EPSS
Cisco IP Phones 8800 Series Cross-Site Request Forgery (CVE-2019-1764)
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross- site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for...
8.8CVSS
8.8AI Score
0.001EPSS
FortiWLM progressfile command injection
Added: 03/18/2024 Background Fortinet Wireless Manager (FortiWLM) allows you to manage wireless networks on FortiGates. Problem A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by calling the deleteprogressfile function with a specially crafted...
8.7AI Score
wpa_supplicant is vulnerable to the Improper Authentication vulnerability. The vulnerability arises because wpa_supplicant can be configured to skip TLS certificate verification during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be exploited to bypass Phase 2...
6.5CVSS
6.7AI Score
0.001EPSS
[SECURITY] Fedora 39 Update: iwd-2.16-1.fc39
The daemon and utilities for controlling and configuring the Wi-Fi network...
7.5CVSS
7.7AI Score
0.001EPSS
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless...
5.8AI Score
0.0004EPSS
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless...
6AI Score
0.0004EPSS
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener...
6.8AI Score
0.0004EPSS