CVE-2020-12638 workaround for WPA downgrade attack by earlephilhower · Pull Request #7486 · esp8266/Arduino
When connected to an encrypted (WEP/WPA) router, a rogue packet can cause the ESP8266 WiFi stack to drop to an unecrypted rogue network of the same SSID. Handle this by dropping the WiFi connection immediately and reconnecting to the stored WPA/WEP network requested by the application, whenever the AUTHMODE changes to OPEN from a secured mode. https://lbsfilm.at/blog/wpa2-authenticationmode-downgrade-in-espressif-microprocessors for more details.
approved these changes Jul 25, 2020
The downgrade event needs to be looked for in the main WiFi event processing function instead of the callback function (which will only trigger if the user actually makes a callback themselves).
TD-er
mentioned this pull request
rojer
mentioned this pull request
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters