alfa CVE Vulnerabilities & Metrics

Focus on alfa vulnerabilities and metrics.

Last updated: 18 May 2025, 22:25 UTC

About alfa Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with alfa. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total alfa CVEs: 6
Earliest CVE date: 11 May 2021, 20:15 UTC
Latest CVE date: 17 Apr 2025, 15:15 UTC

Latest CVE reference: CVE-2025-29047

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 3

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical alfa CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.65

Max CVSS: 3.3

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	6
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS alfa CVEs

These are the five CVEs with the highest CVSS scores for alfa, sorted by severity first and recency.

CVE-2020-26143 alfa Published on 11 May 2021, 20:15 UTC (CVSS: 3.3)
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141 alfa Published on 11 May 2021, 20:15 UTC (CVSS: 3.3)
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26140 alfa Published on 11 May 2021, 20:15 UTC (CVSS: 3.3)
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2025-29047 alfa Published on 17 Apr 2025, 15:15 UTC (CVSS: 0)
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser
CVE-2025-29046 alfa Published on 17 Apr 2025, 15:15 UTC (CVSS: 0)
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value

All CVEs for alfa

CVE-2025-29047 alfa vulnerability CVSS: 0 17 Apr 2025, 15:15 UTC

Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser

CVE-2025-29046 alfa vulnerability CVSS: 0 17 Apr 2025, 15:15 UTC

Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value

CVE-2025-29045 alfa vulnerability CVSS: 0 17 Apr 2025, 15:15 UTC

Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value

CVE-2020-26143 alfa vulnerability CVSS: 3.3 11 May 2021, 20:15 UTC

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

CVE-2020-26141 alfa vulnerability CVSS: 3.3 11 May 2021, 20:15 UTC

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.

CVE-2020-26140 alfa vulnerability CVSS: 3.3 11 May 2021, 20:15 UTC

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.