Published: 06/01/2012 Updated: 15/01/2013

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 585

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Subscribe to Wifi Protected Setup Protocol

The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote malicious users to discover the PIN value, and consequently discover the Wi-Fi network password or reconfigure an access point, by reading EAP-NACK messages.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wi-fi wifi protected setup protocol

# Exploit Title: Reaver WiFi Protected Setup Exploit # Google Dork: # Date: 28 December 2011 # Author: cheffner@tacnetsolcom # Software Link: wwwtacnetsolcom/products/ # Version: All 80211 access points implementing WiFi Protected Setup and have it enabled # Tested on: Access points from Linksys, Cisco, D-Link, TP-Link, Trendnet, and ot ...

CWE-287 http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/http://www.kb.cert.org/vuls/id/723755 http://code.google.com/p/reaver-wps/http://www.us-cert.gov/cas/techalerts/TA12-006A.html http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps https://nvd.nist.gov https://www.exploit-db.com/exploits/18291/https://www.kb.cert.org/vuls/id/723755

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-5053

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect