CVE-2020-25856

EPSS 1.36% · P80 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-25856

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

栈缓冲区溢出

Source: NVD (National Vulnerability Database)

Vulnerability Title

Realtek RTL8195AM 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Realtek RTL8195AM是中国台湾瑞昱半导体（Realtek）公司的一款物联网微控制器。 Realtek RTL8195A Wi-Fi Module prior to versions 2.08 存在安全漏洞，攻击者可以利用该漏洞执行远程代码执行或拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Realtek RTL8195A Wi-Fi Module	Versions before 2020-04-21 (up to and excluding 2.08)	-

II. Public POCs for CVE-2020-25856

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-25856

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-02-03 · 59 CVEs total

CVE-2020-28895	7.3 HIGH	integer overflow in calloc
CVE-2021-23331	4.4 MEDIUM	Insecure Temporary File
CVE-2020-25208		JetBrains YouTrack 授权问题漏洞
CVE-2020-29166		RainbowFish PacsOne Server 代码问题漏洞
CVE-2020-29163		RainbowFish PacsOne Server SQL注入漏洞
CVE-2020-29164		RainbowFish PacsOne Server 跨站脚本漏洞
CVE-2020-29165		RainbowFish PacsOne Server 访问控制错误漏洞
CVE-2021-25761		Jetbrains JetBrains Ktor framework 加密问题漏洞
CVE-2021-25763		JetBrains Ktor framework 加密问题漏洞
CVE-2021-25762		Jetbrains JetBrains Ktor framework 环境问题漏洞
CVE-2021-25765		Jetbrains JetBrains YouTrack 跨站请求伪造漏洞
CVE-2021-25760		JetBrains Hub 信息泄露漏洞
CVE-2021-25766		Jetbrains JetBrains YouTrack 安全漏洞
CVE-2021-25767		Jetbrains JetBrains YouTrack 信息泄露漏洞
CVE-2021-25768		JetBrains YouTrack 安全漏洞
CVE-2021-25769		Jetbrains JetBrains YouTrack 安全漏洞
CVE-2021-25770		JetBrains YouTrack 代码注入漏洞
CVE-2021-25771		JetBrains YouTrack 信息泄露漏洞
CVE-2021-25773		JetBrains TeamCity 跨站脚本漏洞
CVE-2021-25772		JetBrains TeamCity 安全漏洞

Showing top 20 of 59 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Realtek RTL8195A Wi-Fi Module

Same vendor: n/a

Same weakness: CWE-121

V. Comments for CVE-2020-25856

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-25856

I. Basic Information for CVE-2020-25856

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-25856

III. Intelligence Information for CVE-2020-25856

Same Patch Batch · n/a · 2021-02-03 · 59 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-25856

Leave a comment