Vulnerabilities > CVE-2012-4366 - Cryptographic Issues vulnerability in Belkin products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
belkin
CWE-310
exploit available
NVD
Published: 2012-11-20
Updated: 2024-11-21

Summary

Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames.

Vulnerable Configurations

Part Description Count
Hardware
Belkin
4

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Exploit-Db

descriptionBelkin Wireless Router Default WPS PIN Security Vulnerability. CVE-2012-4366. Remote exploit for hardware platform
idEDB-ID:38164
last seen2016-02-04
modified2013-01-03
published2013-01-03
reporterZhaoChunsheng
sourcehttps://www.exploit-db.com/download/38164/
titleBelkin Wireless Router Default WPS PIN Security Vulnerability

References