Vulnerability Details : CVE-2012-4366
Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to access the network by sniffing the beacon frames.
Products affected by CVE-2012-4366
- cpe:2.3:h:belkin:n150_wireless_router:f7d1301v1:*:*:*:*:*:*:*
- cpe:2.3:h:belkin:n900_wireless_router:f9k1104v1:*:*:*:*:*:*:*
- cpe:2.3:h:belkin:n450_wireless_router:f9k1105v2:*:*:*:*:*:*:*
- cpe:2.3:h:belkin:n300_wireless_router:f7d2301v1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-4366
EPSS score: 2.17% (probability of exploitation activity in the next 30 days)
Percentile: ~89% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2012-4366
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3 | LOW | AV:A/AC:L/Au:N/C:P/I:N/A:N | 6.5 | 2.9 | NIST | |
CWE ids for CVE-2012-4366
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-4366
- http://archives.neohapsis.com/archives/bugtraq/2012-11/0070.html
- http://www.securityfocus.com/bid/56591
  Multiple Belkin Wireless Routers Default WPA2 Password Security Vulnerability
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80157
  Multiple Belkin wireless routers security bypass CVE-2012-4366 Vulnerability Report
- http://www.jakoblell.com/blog/2012/11/19/cve-2012-4366-insecure-default-wpa2-passphrase-in-multiple-belkin-wireless-routers/
  CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers | Jakob Lell's Blog