Back to search
CVE-2014-3686
Published: Oct 16, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
60366
third-party-advisory
x_refsource_SECUNIA
DSA-3052
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2014:1314
vendor-advisory
x_refsource_SUSE
60428
third-party-advisory
x_refsource_SECUNIA
http://w1.fi/security/2014-1/
x_refsource_CONFIRM
http://advisories.mageia.org/MGASA-2014-0429.html
x_refsource_CONFIRM
MDVSA-2015:120
vendor-advisory
x_refsource_MANDRIVA
[oss-security] 20141009 wpa_cli and hostapd_cli action script execution vulnerability
mailing-list
x_refsource_MLIST
RHSA-2014:1956
vendor-advisory
x_refsource_REDHAT
61271
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2014:1313
vendor-advisory
x_refsource_SUSE
GLSA-201606-17
vendor-advisory
x_refsource_GENTOO
SUSE-SU-2014:1356
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=1151259
x_refsource_CONFIRM
USN-2383-1
vendor-advisory
x_refsource_UBUNTU
70396
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now