CVE-2008-1197

Severity Score

8.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."

El controlador Marvell para el punto de acceso Netgear WN802T Wi-Fi con software empotrado (firmware) 1.3.16 en el conjunto de chips (chipset) Marvell 88W8361P-BEM1, no valida de forma correcta la información del elemento SSID en una solicitud de asociación; esto permite a usuarios autenticados en remoto provocar una denegación de servicio (reinicio del dispositivo o cuelgue) o puede que ejecutar código de su elección mediante un "SSID Nulo".

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2008-03-06 CVE Reserved
2008-09-05 CVE Published
2024-08-07 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (5)

URL	Tag	Source
http://secunia.com/advisories/31770	Third Party Advisory
http://securityreason.com/securityalert/4215	Third Party Advisory
http://www.securityfocus.com/archive/1/495983/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/30976	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/44918	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Marvell Search vendor "Marvell"		88w8361w-bem1 Search vendor "Marvell" for product "88w8361w-bem1"				*		-		Affected
Netgear Search vendor "Netgear"		Wn802t Search vendor "Netgear" for product "Wn802t"				1.3.16 Search vendor "Netgear" for product "Wn802t" and version "1.3.16"		-		Affected