Closed D3adP3nguin closed 3 years ago
vanhoefm
commented
3 years ago From the documentation:
amsdu-inject: If this test succeeds, the device is vulnerable to CVE-2020-24588.ping I,E --amsdu: only checks if a device supports non-SPP A-MSDUs. It doesn't check whether the device is vulnerable.
D3adP3nguin
commented
3 years ago So if our device does support non-SPP A-MSDU frames and I'm able to see the raw ICMP payload from the test CMD ping I,E --amsdu what is that supposed to tell me about the device?
vanhoefm
commented
3 years ago If ping I,E --amsdu results in a ping request (in wireshark running on the device being tested) then that confirms that the device supports non-SPP A-MSDU frames. I don't know why your device is not responding to this ping request (if it responds then the test ping I,E --amsdu should succeed).
For the A-MSDU ping tests, if the CMD:
amsdu-injectpasses but the CMD:ping I,E --amsdufails, would this mean that CVE-2020-24588 is been successfully patched?