Back to search
CVE-2011-5053
Published: Jan 6, 2012
Modified: Aug 7, 2024
PUBLISHED
Description
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or reconfigure an access point, by reading EAP-NACK messages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://code.google.com/p/reaver-wps/
x_refsource_MISC
http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
x_refsource_MISC
VU#723755
third-party-advisory
x_refsource_CERT-VN
TA12-006A
third-party-advisory
x_refsource_CERT
20120111 Wi-Fi Protected Setup PIN Brute Force Vulnerability
vendor-advisory
x_refsource_CISCO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now