Skip to main content

N150 Wireless Router CVE-2012-4366

LOW
Cryptographic Issues (CWE-310)
2012-11-20 cve@mitre.org
3.3
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:A/AC:L/Au:N/C:P/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:A/AC:L/Au:N/C:P/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Nov 20, 2012 - 00:55 cve.org
LOW 3.3

DescriptionCVE.org

Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames.

AnalysisAI

Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Technical ContextAI

This vulnerability is classified under CWE-310. Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames. Affected products include: Belkin N150 Wireless Router, Belkin N300 Wireless Router, Belkin N450 Wireless Router, Belkin N900 Wireless Router.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2012-4366 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy