CVE-2013-7308

Name of the Vulnerable Software and Affected Versions D-Link DES-3810-28 switch with firmware R2.20.B017

Description The issue concerns the OSPF implementation, which does not account for duplicate Link State ID values in Link State Advertisement (LSA) packets. This oversight allows remote attackers to potentially cause a denial of service, leading to routing disruption, or obtain sensitive packet information by sending a crafted LSA packet.

Recommendations For the D-Link DES-3810-28 switch with firmware R2.20.B017, consider disabling OSPF until a patch or updated firmware is available to mitigate the risk of routing disruption or sensitive information disclosure. Restrict access to the network to minimize the risk of exploitation by crafted LSA packets. At the moment, there is no information about a newer version that contains a fix for this vulnerability.