0
CRITICAL
1
HIGH
0
MEDIUM
0
LOW
0
POC
0
KEV
Monthly
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Microsoft
Information Disclosure
Hostapd
Wpa Supplicant
Fedora
NVD
CVSS 3.0
8.1
EPSS
5.4%
EPSS 5%
CVSS 8.1
HIGH
PATCH
This Week
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Microsoft
Information Disclosure
Hostapd
+2
NVD