PT-2023-13505 · Mr2600 · Mr2600
Published
2023-10-27
·
Updated
2023-11-07
·
CVE-2022-3681
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
MR2600 router versions 1.0.18 and earlier
Description
A vulnerability has been identified that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network.
Recommendations
For MR2600 router versions 1.0.18 and earlier, consider disabling the WPS feature as a temporary workaround until a patch is available. Restrict access to the wireless network to minimize the risk of exploitation.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mr2600