{"vulnerability": "CVE-2021-40288", "sightings": [{"uuid": "6728fc13-6687-45ce-b4af-38d19e83d536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40288", "type": "seen", "source": "https://t.me/cibsecurity/33508", "content": "\u203c CVE-2021-40288 \u203c\n\nA denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T22:22:23.000000Z"}, {"uuid": "7d1e5f1e-ca0a-42a6-b80e-ba9b48a89265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40288", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2706", "content": "STEP2: Pick the attack module you wish      1) Frames detected at the moment of connectivity disruption, one-by-one\n    2) Sequence of frames till the moment a disruption was detected (BETA)\n  STEP3: The first mode of DoS802.11, tests all the frames that the fuzzer detected up to that moment. It is a second hand filtering to separate the true positive from the false positive frames. In case  a frame is positive, i.e., causes a DoS to the associated STA, an exploit is being produced automatically.\n  STEP4: DoS802.11 exits when the log files have been considered.  **The rest to modules are currently in BETA mode.  Vulnerabilities  So far, the fuzzer managed to identify the following CVE IDs, by exploiting different Management frames:      CVE IDs  Vulnerable Devices/Chipsets  WPA2/WPA3-SAE  Status  Score      CVE-2022-32654 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32654)  mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788  Both  Published  6.7 (Medium)      CVE-2022-32655 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32655)  mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788  Both  Published  6.7 (Medium)      CVE-2022-32656 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32656)  mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788  Both  Published  6.7 (Medium)      CVE-2022-32657 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32657)  mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986  Both  Published  6.7 (Medium)      CVE-2022-32658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32658)  mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986  Both  Published  6.7 (Medium)      CVE-2022-32659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32659)  mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986/mt8518s/mt8532  Both  Published  6.7 (Medium)      CVE-2022-46740 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46740)  WS7100-20  Both  Published  6.5 (Medium)      We would like also to thank the MediaTek and Huawei security teams, for acknowledging and fixing these security issues, as stated in the following two security advisories: MediaTek (https://corp.mediatek.com/product-security-acknowledgements) and Huawei (https://www.huawei.com/en/psirt/security-advisories/2022/huawei-sa-dosvihswr-8f632df1-en).  Moreover, by following the methodology of the work titled \"How is your Wi-Fi connection today? DoS attacks on WPA3-SAE\" (https://www.sciencedirect.com/science/article/pii/S221421262100243X), the fuzzer can identify the same SAE vulnerabilities (https://www.kitploit.com/search/label/vulnerabilities) which are linked to the below CVE IDs:      CVE IDs  Vulnerable Devices/Chipsets  WPA2/WPA3-SAE  Status  Score      CVE-2021-37910 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37910)  All ASUS RX-based models  WPA3-SAE  Published  5.3 (medium)      CVE-2021-40288 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40288)  AX10v1  WPA3-SAE  Published  7.5 (high)      CVE-2021-41753 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41753)  DIR-x1560/DIR-X6060  WPA3-SAE  Published  7.5 (high)      CVE-2021-41788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41788)  mt7603E/mt7612/mt7613\nmt7615/mt7622/mt7628", "creation_timestamp": "2023-07-10T13:19:09.000000Z"}]}