hostapd RADIUS Packet Processing Vulnerability

Vulnerability

A vulnerability exists in hostapd versions through 2.11, in which hostapd improperly handles crafted RADIUS packets. An attacker positioned between the hostapd service and the RADIUS server can inject malicious RADIUS packets and cause authentication to fail. The issue arises during RADIUS authentication of Wi-Fi devices, creating a potential man-in-the-middle attack scenario.

Impact

Exploitation of this vulnerability can lead to forced failures in RADIUS authentication, disrupting the authentication process for Wi-Fi devices.

Remediation

Users are advised to update to the latest version of hostapd, as patches for this vulnerability have been made available by the developer.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.3
impact: 0.6
exploitability: 6.5
remediation: 7.7
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.