Home > Vulnerability Database > CVE-2017-20161

Mend.io Vulnerability Database

CVE-2017-20161

Date: January 2, 2023

A vulnerability classified as problematic has been found in rofl0r MacGeiger. Affected is the function dump_wlan_at of the file macgeiger.c of the component ESSID Handler. The manipulation leads to injection. Access to the local network is required for this attack to succeed. The complexity of an attack is rather high. The exploitability is told to be difficult. The name of the patch is 57f1dd50a4821b8c8e676e8020006ae4bfd3c9cb. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217188.

Language: C

Severity Score

7.8

Related Resources (5)

Url: https://github.com/rofl0r/MacGeiger/commit/57f1dd50a4821b8c8e676e8020006ae4bfd3c9cb

Url: https://vuldb.com/?ctiid.217188

Url: https://vuldb.com/?id.217188

Url: https://nvd.nist.gov/vuln/detail/CVE-2017-20161

Url: https://www.mend.io/vulnerability-database/CVE-2017-20161

Severity Score

7.8

Weakness Type (CWE)

Injection

CWE-74

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	4.3
Access Vector (AV):	ADJACENT
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2017-20161

Date: January 2, 2023

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?