Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wi-fi vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-20145
In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is ...
Google Android 11.0
10
CVSSv2
CVE-2022-30521
The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of str...
Dlink Dir-890l Firmware
10
CVSSv2
CVE-2019-17621
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote malicious user to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local ne...
Dlink Dir-859 Firmware
Dlink Dir-859 Firmware 1.06b01
Dlink Dir-822 Firmware
Dlink Dir-823 Firmware
Dlink Dir-823 Firmware 1.00b06
Dlink Dir-865l Firmware
Dlink Dir-868l Firmware
Dlink Dir-869 Firmware
Dlink Dir-869 Firmware 1.03b02
Dlink Dir-880l Firmware
Dlink Dir-890l Firmware
Dlink Dir-890l Firmware 1.11b01
Dlink Dir-890r Firmware
Dlink Dir-890r Firmware 1.11b01
Dlink Dir-885l Firmware
Dlink Dir-885r Firmware
Dlink Dir-895l Firmware
Dlink Dir-895r Firmware
Dlink Dir-818lx Firmware -
7 Github repositories
10
CVSSv2
CVE-2019-12941
AutoPi Wi-Fi/NB and 4G/LTE devices prior to 2019-10-15 allows an malicious user to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. The default WiFi password and WiFi SSID are derived from the same has...
Autopi Wi-fi\\/nb Firmware
Autopi 4g\\/lte Firmware
4 Github repositories
10
CVSSv2
CVE-2019-15504
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel up to and including 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
10
CVSSv2
CVE-2019-15505
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel up to and including 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
10
CVSSv2
CVE-2018-20377
Orange Livebox 00.96.320S devices allow remote malicious users to discover Wi-Fi credentials via /get_getnetworkconf.cgi on port 8080, leading to full control if the admin password equals the Wi-Fi password or has the default admin value. This is related to Firmware 01.11.2017-11...
Orange Arv7519rw22 Livebox 2.1 Firmware 00.96.217
Orange Arv7519rw22 Livebox 2.1 Firmware 00.96.321s
Orange Arv7519rw22 Livebox 2.1 Firmware 00.96.00.96.609es
Orange Arv7519rw22 Livebox 2.1 Firmware 00.96.00.96.613
3 Github repositories
10
CVSSv2
CVE-2018-14010
OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P prior to 2.14.5, R3C prior to 2.12.15, R3 prior to 2.22.15, and R3D prior to 2.26.4 devices allows an malicious user to execute any command via crafted JSON data.
Mi Xiaomi R3p Firmware
Mi Xiaomi R3c Firmware
Mi Xiaomi R3d Firmware
Mi Xiaomi R3
1 Github repository
10
CVSSv2
CVE-2017-10871
Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and previous versions allows an malicious user to execute arbitrary code via unspecified vectors.
Nttdocomo Wi-fi Station L-02f Firmware
10
CVSSv2
CVE-2017-7110
An issue exists in certain Apple products. iOS prior to 11 is affected. tvOS prior to 11 is affected. watchOS prior to 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote malicious users to execute arbitrary code in a privileged context or cau...
Apple Tvos
Apple Watchos
Apple Iphone Os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »