CVE-2022-46140
- EPSS 0.11%
- Published 13.12.2022 16:15:25
- Last modified 14.01.2025 11:15:10
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
CVE-2022-46142
- EPSS 0.07%
- Published 13.12.2022 16:15:25
- Last modified 14.01.2025 11:15:11
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
CVE-2022-46143
- EPSS 0.28%
- Published 13.12.2022 16:15:25
- Last modified 14.01.2025 11:15:11
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
CVE-2022-31766
- EPSS 0.33%
- Published 11.10.2022 11:15:09
- Last modified 10.04.2025 20:26:39
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), ...
CVE-2020-24588
- EPSS 0.56%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:15:05
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP...
CVE-2020-26140
- EPSS 0.43%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:19:20
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent...