CVE-2015-8262

Published: Dec 27, 2015Modified: May 6, 2026

6.8

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

Exploitability: 2.2 / Impact: 4.0

Source: NVD

Description

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.

Affected (4)

Products: Buffalotech: Airstation Extreme N600 Firmware, Airstation Extreme N600

Buffalotech

2 products

Airstation Extreme N600 Firmware

Airstation Extreme N600

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Buffalotech Airstation Extreme N600 Firmware	Version 2.09
Buffalotech Airstation Extreme N600 Firmware	Version 2.13
Buffalotech Airstation Extreme N600 Firmware	Version 2.16
Buffalotech Airstation Extreme N600	All versions

References (4)

http://www.securityfocus.com/bid/78877

Source: cret@cert.org

https://www.kb.cert.org/vuls/id/646008

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/78877

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.kb.cert.org/vuls/id/646008

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.