CVE-2012-4366 - Cryptographic Issues vulnerability in Belkin products

CVSS 3.3 - LOW
Attack vector: ADJACENT_NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: NONE
Availability impact: NONE
low complexity
belkin
CWE-310
exploit available

Summary

Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Exploit-Db

description: Belkin Wireless Router Default WPS PIN Security Vulnerability. CVE-2012-4366. Remote exploit for hardware platform
id: EDB-ID:38164
last seen: 2016-02-04
modified: 2013-01-03
published: 2013-01-03
reporter: ZhaoChunsheng
source: https://www.exploit-db.com/download/38164/
title: Belkin Wireless Router Default WPS PIN Security Vulnerability