Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exchange. By capturing an attempted (and even failed) WPS authentication attempt, it is possible to brute force the overall authentication exchange. This allows an attacker to obtain the recovered WPS PIN in minutes or even seconds, and eventually obtain the Wi-Fi PSK key, gaining access to the Wi=Fi network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Askey AP5100W Dual SIG 安全特征问题漏洞
Vulnerability Description
Askey AP5100W Dual SIG是中国亚旭电子科技(Askey)公司的一款路由器。 Askey AP5100W Dual SIG 存在安全特征问题漏洞,该漏洞源于Diffie-Hellman交换的随机数选择出现了问题。通过捕获一个尝试的(甚至是失败的)WPS身份验证尝试,可以强制执行整个身份验证交换。这使得攻击者可利用该漏洞可以在几分钟甚至几秒钟内获得恢复的WPS PIN,并最终获得Wi-Fi PSK密钥,从而访问Wi=Fi网络。
CVSS Information
N/A
Vulnerability Type
N/A