Vulnerability: Arbitrary Packet Injection and Denial of Service in WNM Sleep Mode Response

Vulnerability: Arbitrary Packet Injection and Denial of Service in WNM Sleep Mode Response

CVE-2015-5310 · LOW Severity

AV:A/AC:L/AU:N/C:P/I:N/A:N

The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response.

Learn more about our Web Application Penetration Testing UK.