cve/2019/CVE-2019-15126.md

### [CVE-2019-15126](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15126)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

### POC

#### Reference
- http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure

#### Github
- https://github.com/0x13enny/kr00k
- https://github.com/0xT11/CVE-POC
- https://github.com/5l1v3r1/kr00k-vulnerability
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Astrogeorgeonethree/Starred
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Atem1988/Starred
- https://github.com/EaglerLight/wifi_poc
- https://github.com/WinMin/Protocol-Vul
- https://github.com/akabe1/kr00ker
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hexway/r00kie-kr00kie
- https://github.com/lnick2023/nicenice
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/raw-packet/raw-packet
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-15126](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15126)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html`
			`- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt`
			`- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure`

			`#### Github`
			`- https://github.com/0x13enny/kr00k`
			`- https://github.com/0xT11/CVE-POC`
			`- https://github.com/5l1v3r1/kr00k-vulnerability`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/Astrogeorgeonethree/Starred`
			`- https://github.com/Astrogeorgeonethree/Starred2`
			`- https://github.com/Atem1988/Starred`
			`- https://github.com/EaglerLight/wifi_poc`
			`- https://github.com/WinMin/Protocol-Vul`
			`- https://github.com/akabe1/kr00ker`
			`- https://github.com/developer3000S/PoC-in-GitHub`
			`- https://github.com/hectorgie/PoC-in-GitHub`
			`- https://github.com/hexway/r00kie-kr00kie`
			`- https://github.com/lnick2023/nicenice`
			`- https://github.com/qazbnm456/awesome-cve-poc`
			`- https://github.com/raw-packet/raw-packet`
			`- https://github.com/xbl3/awesome-cve-poc_qazbnm456`