Every CVE whose affected-product data names W1.fi Hostapd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (41)
CVE-2022-23303 — CVSS 9.8 (critical): The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of…
CVE-2022-23304 — CVSS 9.8 (critical): The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of…
CVE-2019-9499 — CVSS 8.1 (high): The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported…
CVE-2017-13082 — CVSS 8.1 (high): Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key…
CVE-2019-9497 — CVSS 8.1 (high): The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in…
CVE-2019-9498 — CVSS 8.1 (high): The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements…
CVE-2019-10064 — CVSS 7.5 (high): hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or…
CVE-2020-12695 — CVSS 7.5 (high): The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a…
CVE-2016-10743 — CVSS 7.5 (high): hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
CVE-2016-4476 — CVSS 7.5 (high): hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows…
CVE-2019-9496 — CVSS 7.5 (high): An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing…
CVE-2017-13077 — CVSS 6.8 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way…
CVE-2014-3686 — CVSS 6.8 (medium): wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action…
CVE-2017-13084 — CVSS 6.8 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey…
CVE-2017-13086 — CVSS 6.8 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS…
CVE-2022-37660 — CVSS 6.5 (medium): In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker that successfully…
CVE-2019-5061 — CVSS 6.5 (medium): An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates…
CVE-2019-5062 — CVSS 6.5 (medium): An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid…
CVE-2026-58374 — CVSS 6.5 (medium): In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing…
CVE-2019-16275 — CVSS 6.5 (medium): hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source…
CVE-2019-11555 — CVSS 5.9 (medium): The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation…
CVE-2019-9494 — CVSS 5.9 (medium): The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing…
CVE-2019-13377 — CVSS 5.9 (medium): The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of…
CVE-2017-13087 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless…
CVE-2017-13078 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an…
CVE-2017-13079 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during…
CVE-2017-13080 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an…
CVE-2017-13081 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during…
CVE-2017-13088 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing…
CVE-2021-30004 — CVSS 5.3 (medium): In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and…
CVE-2015-8041 — CVSS 5.0 (medium): Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a…
CVE-2015-4143 — CVSS 5.0 (medium): The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of…
CVE-2015-4146 — CVSS 5.0 (medium): The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before…
CVE-2015-4145 — CVSS 5.0 (medium): The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being…
CVE-2015-4144 — CVSS 5.0 (medium): The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to…
CVE-2015-4142 — CVSS 4.3 (medium): Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode…
CVE-2012-4445 — CVSS 4.3 (medium): Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in…
CVE-2015-4141 — CVSS 4.3 (medium): The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows…
CVE-2019-9495 — CVSS 3.7 (low): The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns…
CVE-2025-24912 — CVSS 3.7 (low): hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker…
CVE-2012-2389 — CVSS 2.1 (low): hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users…