Vulnerability: Arbitrary Data Injection in ALFA Windows 10 Driver for AWUS036H

Vulnerability: Arbitrary Data Injection in ALFA Windows 10 Driver for AWUS036H

CVE-2020-26140 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

Learn more about our Network Penetration Testing.