PT-2015-7759 · NetGear · Netgear Wnr1000V3

Joel Land

Publicado

2015-12-27

Atualizado

2016-11-28

CVE-2015-8263

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions NETGEAR WNR1000v3 version 1.0.2.68

Description The issue makes it easier for remote attackers to spoof DNS responses by using the same source port number for every DNS query.

Recommendations For NETGEAR WNR1000v3 version 1.0.2.68, consider updating the firmware to a version that does not use the same source port number for every DNS query as a permanent solution. As a temporary workaround, restrict access to DNS queries to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2015-8263

Produtos afetados

Netgear Wnr1000V3

PT-2015-7759 · NetGear · Netgear Wnr1000V3

CVE-2015-8263

Identificadores relacionados

Produtos afetados

Referências · 3