VDB
GCVE-110-CERTCC-2011-723755
GCVE-110-CERTCC-2011-723755
Advisory PublishedCVSS 9.3/10
The WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack. A design flaw that exists in the WPS specification for the PIN authentication significantly reduces the time required to brute force the entire PIN because it allows an attacker to know when the first half of the 8 digit PIN is correct. The lack of a proper lock out policy after a certain number of failed attempts to guess the PIN on many wireless routers makes this brute force attack that much more feasible.
Risk Scores
CVSS 2.0
9.3/10
Critical · AV:N/AC:M/Au:N/C:C/I:C/A:C
certcc-cam
certcc-cam
impact14population12exploitation12widely_known20score_current17.8605ease_of_exploitation15
certcc-vrda
certcc-vrda
d1_impact3d1_population3d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score9.3remediation_levelUreport_confidenceCenvironmental_score9.3environmental_vectorCDP:/TD:/CR:ND/IR:ND/AR:NDsecurity_requirements_arND
Aliases
References
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.