CVE-2015-3969

Name of the Vulnerable Software and Affected Versions Janitza UMG versions 508, 509, 511, 604, and 605

Description The issue allows remote attackers to obtain sensitive network-connection information by sending a request to UDP port 1234 or 1235. This is related to the lack of protection for service data in the Janitza UMG devices' software, which can be exploited by a remote attacker to gain access to information about the state of network connections.

Recommendations For Janitza UMG versions 508, 509, 511, 604, and 605, consider restricting access to UDP ports 1234 and 1235 as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.