Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hostapd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4445
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 up to and including 1.0 allows remote malicious users to cause a denial of service (crash or abort) via a small "TLS Message ...
W1.fi Hostapd 0.6.2
W1.fi Hostapd 0.6.1
W1.fi Hostapd 0.7.3
W1.fi Hostapd 1.0
W1.fi Hostapd 0.6.0
W1.fi Hostapd 0.7.0
W1.fi Hostapd 0.6.6
W1.fi Hostapd 0.6.3
W1.fi Hostapd 0.7.2
W1.fi Hostapd 0.6.7
W1.fi Hostapd 0.6.4
W1.fi Hostapd 0.7.1
W1.fi Hostapd 0.6.5
NA
CVE-2006-2213
Hostapd 0.3.7-2 allows remote malicious users to cause a denial of service (segmentation fault) via an unspecified value in the key_data_length field of an EAPoL frame.
Hostapd Hostapd 0.3.7 2
NA
CVE-2015-4141
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 up to and including 2.4 allows remote malicious users to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or h...
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 2.0
W1.fi Wpa Supplicant 0.7.3
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 0.7.1
W1.fi Wpa Supplicant 0.7.2
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 0.7.0
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Hostapd 0.7.2
W1.fi Hostapd 0.7.3
W1.fi Hostapd 2.4
W1.fi Hostapd 0.7.0
W1.fi Hostapd 0.7.1
W1.fi Hostapd 2.2
W1.fi Hostapd 2.3
W1.fi Hostapd 2.0
W1.fi Hostapd 2.1
W1.fi Hostapd 1.0
W1.fi Hostapd 1.1
NA
CVE-2015-4143
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 allows remote malicious users to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.0
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.4
W1.fi Hostapd 1.0
W1.fi Hostapd 2.0
W1.fi Hostapd 2.1
W1.fi Hostapd 2.2
W1.fi Hostapd 1.1
W1.fi Hostapd 2.3
W1.fi Hostapd 2.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
NA
CVE-2015-4144
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote malicious users to cause a denial of service (crash) via a crafted message.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
W1.fi Hostapd 2.2
W1.fi Hostapd 2.3
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 2.1
W1.fi Hostapd 1.1
W1.fi Hostapd 1.0
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 2.0
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 1.0
NA
CVE-2015-4145
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 does not validate a fragment is already being processed, which allows remote malicious users to cause a denial of service (memory leak) via a crafted message.
W1.fi Hostapd 2.2
W1.fi Hostapd 2.3
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 2.1
W1.fi Hostapd 1.1
W1.fi Hostapd 1.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
W1.fi Wpa Supplicant 2.0
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
NA
CVE-2015-4146
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote malicious users to cause a denial of service (crash) via a crafted...
W1.fi Wpa Supplicant 2.0
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
W1.fi Hostapd 2.1
W1.fi Hostapd 2.2
W1.fi Hostapd 1.1
W1.fi Hostapd 1.0
W1.fi Hostapd 2.0
W1.fi Hostapd 2.3
W1.fi Hostapd 2.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
7.5
CVSSv3
CVE-2016-10743
hostapd prior to 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
W1.fi Hostapd
NA
CVE-2012-2389
hostapd 0.7.3, and possibly other versions prior to 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.
W1.fi Hostapd 0.7.3
6.5
CVSSv3
CVE-2019-5061
An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by c...
W1.fi Hostapd 2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »