Описание
The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.
Ссылки
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.5.2 (включая)Версия от 2.2.0 (включая) до 3.1.0 (включая)
Одно из
cpe:2.3:a:espressif:arduino_esp8266:*:*:*:*:*:*:*:*
cpe:2.3:a:espressif:esp8266_nonos_sdk:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00175
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.
EPSS
Процентиль: 39%
0.00175
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-20