Vulnerability Details CVE-2018-18907
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://us.dlink.com/security-advisories/
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10097
- https://www.synopsys.com/blogs/software-security/wpa2-encryption-bypass-defensics-fuzzing/
- http://us.dlink.com/security-advisories/
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10097
- https://www.synopsys.com/blogs/software-security/wpa2-encryption-bypass-defensics-fuzzing/
Products affected by CVE-2018-18907
-
cpe:2.3:h:dlink:dir-850l:-
-
cpe:2.3:o:dlink:dir-850l_firmare:*