Home > Vulnerability Database > CVE-2025-24912

Mend.io Vulnerability Database

CVE-2025-24912

Date: March 11, 2025

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.

Severity Score

3.7

Related Resources (6)

Url: https://w1.fi/hostapd/

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-24912

Url: https://jvn.jp/en/jp/JVN19358384/

Url: https://w1.fi/cgit/hostap/commit/?id=726432d7622cc0088ac353d073b59628b590ea44

Url: https://w1.fi/cgit/hostap/commit/?id=339a334551ca911187cc870f4f97ef08e11db109

Url: https://www.mend.io/vulnerability-database/CVE-2025-24912

Severity Score

3.7

Weakness Type (CWE)

Premature Release of Resource During Expected Lifetime

CWE-826

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-24912

Date: March 11, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?