Vulnerability Details : CVE-2012-4366
Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames.
Exploit prediction scoring system (EPSS) score for CVE-2012-4366
Probability of exploitation activity in the next 30 days: 3.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 91 %
CVSS scores for CVE-2012-4366
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.3 | LOW | AV:A/AC:L/Au:N/C:P/I:N/A:N | 6.5 | 2.9 | NIST |
CWE ids for CVE-2012-4366
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-4366
- http://archives.neohapsis.com/archives/bugtraq/2012-11/0070.html
- http://www.securityfocus.com/bid/56591
  Multiple Belkin Wireless Routers Default WPA2 Password Security Vulnerability
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80157
  Multiple Belkin wireless routers security bypass CVE-2012-4366 Vulnerability Report
- http://www.jakoblell.com/blog/2012/11/19/cve-2012-4366-insecure-default-wpa2-passphrase-in-multiple-belkin-wireless-routers/
  CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers | Jakob Lell's Blog
Products affected by CVE-2012-4366
- cpe:2.3:h:belkin:n150_wireless_router:f7d1301v1:*:*:*:*:*:*:*
- cpe:2.3:h:belkin:n900_wireless_router:f9k1104v1:*:*:*:*:*:*:*
- cpe:2.3:h:belkin:n450_wireless_router:f9k1105v2:*:*:*:*:*:*:*
- cpe:2.3:h:belkin:n300_wireless_router:f7d2301v1:*:*:*:*:*:*:*