VDB
CVE-2011-5053
CVE-2011-5053
PUBLISHED
CVSS 5.800000190734863 MEDIUM
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or reconfigure an access point, by reading EAP-NACK messages.
EPSS 25.54% · 96.3th percentile
Risk Scores
CVSS 2.0
5.800000190734863
EPSS Score
25.54%
96.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| wi-fi | wifi_protected_setup_protocol | |
| n/a | n/a | n/a |
Timeline
- Jan 6, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 5, 2023 EPSS Score
References
- http://www.kb.cert.org/vuls/id/723755 advisory
- http://code.google.com/p/reaver-wps/ url
- http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/ url
- http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf url
- TA12-006A third-party-advisory
- 20120111 Wi-Fi Protected Setup PIN Brute Force Vulnerability vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2011-5053 advisory
- http://code.google.com/p/reaver-wps url
- http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability url