Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
wpa_supplicant 安全漏洞
Vulnerability Description
wpa_supplicant是一款跨平台的WPA请求程序。该程序支持WEP、WPA和WPA2等。 wpa_supplicant存在安全漏洞,该漏洞源于未正确配置用于身份验证的服务器。
CVSS Information
N/A
Vulnerability Type
N/A