Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-18990

Опубликовано: 30 сент. 2020
Источник: nvd
CVSS3: 6.1
CVSS3: 5.4
CVSS2: 4.8
EPSS Низкий

Описание

A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:realtek:rtl8812ar_firmware:1.21ww:*:*:*:*:*:*:*
cpe:2.3:h:realtek:rtl8812ar:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:realtek:rtl8196d_firmware:1.0.0:*:*:*:*:*:*:*
cpe:2.3:h:realtek:rtl8196d:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:realtek:rtl8192er_firmware:2.10:*:*:*:*:*:*:*
cpe:2.3:h:realtek:rtl8192er:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:realtek:rtl8881an_firmware:1.09:*:*:*:*:*:*:*
cpe:2.3:h:realtek:rtl8881an:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%
0.00041
Низкий

6.1 Medium

CVSS3

5.4 Medium

CVSS3

4.8 Medium

CVSS2

Дефекты

CWE-290

Связанные уязвимости

github логотип

GHSA-3wr3-v78q-x45g

github
больше 3 лет назад

A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data.

EPSS

Процентиль: 12%
0.00041
Низкий

6.1 Medium

CVSS3

5.4 Medium

CVSS3

4.8 Medium

CVSS2

Дефекты

CWE-290