PT-2015-7759 · NetGear · Netgear Wnr1000V3

Joel Land

Published

2015-12-27

Updated

2016-11-28

CVE-2015-8263

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions NETGEAR WNR1000v3 version 1.0.2.68

Description The issue makes it easier for remote attackers to spoof DNS responses by using the same source port number for every DNS query.

Recommendations For NETGEAR WNR1000v3 version 1.0.2.68, consider updating the firmware to a version that does not use the same source port number for every DNS query as a permanent solution. As a temporary workaround, restrict access to DNS queries to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2015-8263

Affected Products

Netgear Wnr1000V3

PT-2015-7759 · NetGear · Netgear Wnr1000V3

CVE-2015-8263

Related Identifiers

Affected Products

References · 3