Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Realtek RTL8195AM 缓冲区错误漏洞
Vulnerability Description
Realtek RTL8195AM是中国台湾瑞昱半导体(Realtek)公司的一款物联网微控制器。 Realtek RTL8195A Wi-Fi Module prior to versions 2.08存在缓冲区错误漏洞,攻击者可以利用远程代码执行或拒绝服务,导致堆栈缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A