CVE-2025-24912
published 2025-03-12
CVE-2025-24912: hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position…
Priority: P4 · 17 · low · 3.7 (CVSS 3.0)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS: 0.72% (49.1th percentile)
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wpa | — | — |
| jouni_malinen | hostapd | — | — |
| w1.fi | hostapd | <= 2.11 | — |
CVSS provenance
nvd · v3.0 · 3.7 LOW · CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
osv · 3.7 LOW
vendor_debian · 3.7 LOW
vendor_redhat · 3.7 LOW
GHSA
GHSA-97x4-g54c-4pvm: hostapd fails to process crafted RADIUS packets properly
ghsa_unreviewed·2025-03-12
CVE-2025-24912 [LOW] CWE-826 GHSA-97x4-g54c-4pvm: hostapd fails to process crafted RADIUS packets properly
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
OSV
CVE-2025-24912: hostapd fails to process crafted RADIUS packets properly
osv·2025-03-12·CVSS 3.7
CVE-2025-24912 [LOW] CVE-2025-24912: hostapd fails to process crafted RADIUS packets properly
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
Red Hat
hostapd: RADIUS Packet Processing Flaw in hostapd
vendor_redhat·2025-03-12·CVSS 3.7
CVE-2025-24912 [LOW] CWE-826 hostapd: RADIUS Packet Processing Flaw in hostapd
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
A flaw was found in hostapd. This vulnerability can allow an attacker to force RADIUS authentications to fail via crafted RADIUS packets injected between hostapd and the RADIUS server.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Package: hostapd (Red Hat Enterprise Linux
Debian
CVE-2025-24912: wpa - hostapd fails to process crafted RADIUS packets properly. When hostapd authentic...
vendor_debian·2025·CVSS 3.7
CVE-2025-24912 [LOW] CVE-2025-24912: wpa - hostapd fails to process crafted RADIUS packets properly. When hostapd authentic...
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-12
Published