Vulnerability CVE-2022-41859


Published: 2023-01-17

Description:
In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

Type:

CWE-200

(Information Exposure)

 References:
https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f
https://freeradius.org/security/

Copyright 2026, cxsecurity.com

 

Back to Top