Vulnerabilities > Realtek > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2022-32966 | Missing Authorization vulnerability in Realtek Rtl8111Fp-Cg Firmware 3.0.0.2019090/5.0.10/5.0.23 RTL8168FP-CG Dash remote management function has missing authorization. | 6.5 |
| 2021-07-07 | CVE-2021-32537 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Realtek HDA Driver Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. | 6.5 |
| 2021-02-03 | CVE-2020-25857 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. | 5.0 |
| 2021-02-03 | CVE-2020-25856 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 6.8 |
| 2021-02-03 | CVE-2020-25855 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 6.8 |
| 2021-02-03 | CVE-2020-25854 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 6.8 |
| 2021-02-03 | CVE-2020-25853 | Out-of-bounds Read vulnerability in Realtek Rtl8195A Firmware The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service. | 5.0 |
| 2020-09-30 | CVE-2019-18990 | Improper Authentication vulnerability in Realtek products A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. | 4.8 |
| 2020-07-06 | CVE-2020-9395 | Classic Buffer Overflow vulnerability in Realtek products An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. | 4.9 |
| 2020-06-08 | CVE-2020-12773 | Unspecified vulnerability in Realtek Adsl Router SOC Firmware A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool. | 6.5 |