PT-2020-15718 · Free · Freebox Server+1

Gabriel Corona

Published

2020-09-16

Updated

2020-11-13

CVE-2020-24376

CVSS v3.1

9.6

Critical

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Freebox versions prior to 1.5.29 Freebox Server versions prior to 4.2.3

Description A DNS rebinding issue affects the UPnP IGD implementations.

Recommendations For Freebox versions prior to 1.5.29, update to version 1.5.29 or later. For Freebox Server versions prior to 4.2.3, update to version 4.2.3 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2020-24376

Affected Products

Freebox

Freebox Server

PT-2020-15718 · Free · Freebox Server+1

CVE-2020-24376

Weakness Enumeration

Related Identifiers

Affected Products

References · 4