Description

An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption.

Related CPE's

o

dlink

dir-850l_firmare

Vulnerable

h

dlink

dir-850l

-

References

http://us.dlink.com/security-advisories/

Broken Link

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10097

Vendor Advisory

https://www.synopsys.com/blogs/software-security/wpa2-encryption-bypass-defensics-fuzzing/

Third Party Advisory

Weaknesses

[email protected]

Primary
CWE-287

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-06-16T22:15:07.803

3 years ago

Last modified

2022-06-28T18:57:15.890

3 years ago