Show filters
15 Total Results
Displaying 1-10 of 15
Sort by:
Attacker Value
Unknown

CVE-2020-24587

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Attacker Value
Unknown

CVE-2024-36491

Disclosure Date: July 17, 2024 (last updated September 28, 2024)
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a remote unauthenticated attacker to execute an arbitrary OS command, obtain and/or alter sensitive information, and be able to cause a denial of service (DoS) condition.
Attacker Value
Unknown

CVE-2024-36475

Disclosure Date: July 17, 2024 (last updated September 28, 2024)
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed.
Attacker Value
Unknown

CVE-2024-31070

Disclosure Date: July 17, 2024 (last updated September 28, 2024)
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly.
Attacker Value
Unknown

CVE-2021-42230

Disclosure Date: April 15, 2022 (last updated October 07, 2023)
Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.
Attacker Value
Unknown

CVE-2020-26140

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Attacker Value
Unknown

CVE-2020-26139

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
Attacker Value
Unknown

CVE-2020-26146

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
Attacker Value
Unknown

CVE-2020-24588

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
Attacker Value
Unknown

CVE-2020-26144

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.