Vulnerabilities > CVE-2016-4824 - 7PK - Security Features vulnerability in Corega Cg-Wlr300Gnv-W Firmware and Cg-Wlr300Gnv Firmware

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
corega
CWE-254

Summary

The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack.

Vulnerable Configurations

Part Description Count
Hardware
Corega
2
OS
Corega
2

Common Weakness Enumeration (CWE)