Vulnerabilities > Realtek > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-03 | CVE-2020-25856 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 8.1 |
2021-02-03 | CVE-2020-25855 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 8.1 |
2021-02-03 | CVE-2020-25854 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 8.1 |
2021-02-03 | CVE-2020-25853 | Out-of-bounds Read vulnerability in Realtek Rtl8195A Firmware The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service. | 7.5 |
2020-07-06 | CVE-2020-9395 | Out-of-bounds Write vulnerability in Realtek products An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. | 8.0 |
2020-06-08 | CVE-2020-12773 | Unspecified vulnerability in Realtek Adsl Router SOC Firmware A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool. | 8.8 |
2020-01-27 | CVE-2019-19823 | Insufficiently Protected Credentials vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. | 7.5 |
2020-01-27 | CVE-2019-19822 | Missing Authentication for Critical Function vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). | 7.5 |
2017-11-13 | CVE-2017-3767 | Unspecified vulnerability in Realtek Audio Driver Firmware A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. | 7.8 |