RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HBroadcom Brocade Sannav
APPBroadcomwszystkie wersjeBroadcom Fabric Operating System
OSBroadcomwszystkie wersjeFreeradius
APPFreeradius< 3.0.27Sonicwall Sonicos
OSSonicwallwszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
References
Related vulnerabilities
CVE-2024-53704CRITICAL9.8⚠ KEVPL ✓ten sam produkt
SonicWall SonicOS SSLVPN — pominięcie uwierzytelnienia (Auth Bypass)
CVE-2024-40766CRITICAL9.8⚠ KEVPL ✓ten sam produkt
Nieprawidłowa kontrola dostępu w SonicWall SonicOS — RCE i crash firewalla
CVE-2020-5135CRITICAL9.8⚠ KEVten sam produkt
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and poten...
CVE-2025-40600CRITICAL9.8PL ✓ten sam produkt
SonicOS SSL VPN: format string umożliwia zakłócenie usługi bez uwierzytelnienia
CVE-2024-22394CRITICAL9.8PL ✓ten sam produkt
Pominięcie uwierzytelnienia w SonicWall SonicOS SSL-VPN (auth bypass)