Vulnerabilities > W1 FI

DATE CVE VULNERABILITY TITLE RISK
2017-10-17 CVE-2017-13080 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
2.9
2017-10-17 CVE-2017-13079 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
2.9
2017-10-17 CVE-2017-13078 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
2.9
2017-10-17 CVE-2017-13077 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
5.4
2017-08-28 CVE-2015-0210 Improper Certificate Validation vulnerability in W1.Fi WPA Supplicant 2.016
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
network
w1-fi CWE-295
4.3
2016-05-09 CVE-2016-4476 Improper Input Validation vulnerability in multiple products
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
network
low complexity
w1-fi canonical CWE-20
5.0
2015-11-09 CVE-2015-8041 Numeric Errors vulnerability in multiple products
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
network
low complexity
w1-fi opensuse CWE-189
5.0
2015-06-15 CVE-2015-4146 The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message.
network
low complexity
w1-fi opensuse
5.0
2015-06-15 CVE-2015-4145 Resource Management Errors vulnerability in multiple products
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message.
network
low complexity
w1-fi opensuse CWE-399
5.0
2015-06-15 CVE-2015-4144 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.
network
low complexity
opensuse w1-fi CWE-119
5.0