Description

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.

INFO

Published Date :

2025-03-12T04:43:54.870Z

Last Modified :

2025-03-12T13:21:59.254Z

Source :

jpcert
AFFECTED PRODUCTS

The following products are affected by CVE-2025-24912 vulnerability.

Vendors Products
W1.fi
  • Hostapd
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-24912.

URL Resource
https://jvn.jp/en/jp/JVN19358384/ cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-24912 cve-icon
https://w1.fi/cgit/hostap/commit/?id=339a334551ca911187cc870f4f97ef08e11db109 cve-icon cve-icon cve-icon
https://w1.fi/cgit/hostap/commit/?id=726432d7622cc0088ac353d073b59628b590ea44 cve-icon cve-icon cve-icon
https://w1.fi/hostapd/ cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-24912 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact