Описание
The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:h:corega:cg-wlr300gnv:-:*:*:*:*:*:*:*
cpe:2.3:o:corega:cg-wlr300gnv_firmware:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:h:corega:cg-wlr300gnv-w:-:*:*:*:*:*:*:*
cpe:2.3:o:corega:cg-wlr300gnv-w_firmware:-:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00338
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack.
EPSS
Процентиль: 56%
0.00338
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-254