CVE-2015-7282

Published: Dec 31, 2015Modified: May 6, 2026

5.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port.

Affected (2)

Products: Readynet Solutions: Wrt300n Dd Firmware, Wrt300n Dd

Readynet Solutions

2 products

Wrt300n Dd Firmware

Wrt300n Dd

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Readynet Solutions Wrt300n Dd Firmware	Version 1.0.26
Readynet Solutions Wrt300n Dd	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.securityfocus.com/bid/78814

Source: cret@cert.org

https://www.kb.cert.org/vuls/id/167992

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/78814

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.kb.cert.org/vuls/id/167992

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.