VYPR

Wifi

by Google

CVEs (5)

  • CVE-2023-20965CriAug 14, 2023
    risk 0.64cvss 9.8epss 0.01

    In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21114HigJul 9, 2024
    risk 0.51cvss 7.8epss 0.00

    In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-43083MedNov 13, 2024
    risk 0.36cvss 5.5epss 0.00

    In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2016-3837MedAug 5, 2016
    risk 0.36cvss 5.5epss 0.00

    service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka internal…

  • CVE-2024-40674MedJan 28, 2025
    risk 0.34cvss 5.3epss 0.00

    In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for…