ReportizFlow
Filtered by vendor Hostapd
Subscriptions
Filtered by product Hostapd
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-37660 | 2 Hostapd, W1.fi | 2 Hostapd, Hostapd | 2025-11-03 | 6.5 Medium |
| In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association. | ||||
| CVE-2006-2213 | 1 Hostapd | 1 Hostapd | 2025-04-03 | N/A |
| Hostapd 0.3.7-2 allows remote attackers to cause a denial of service (segmentation fault) via an unspecified value in the key_data_length field of an EAPoL frame. | ||||
Page 1 of 1.