← Back

CVE-2019-6015

nvd nist
Published: Oct 4, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.

Affected (4)

Fon
4 products
Fon2601e Se Firmware
Fon2601e Re Firmware
Fon2601e Fsw S Firmware
Fon2601e Fsw B Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fon2601e Se Firmware
Up to 1.1.7
Running on/withPlatform Versions
Fon
Fon2601e Se
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fon2601e Re Firmware
Up to 1.1.7
Running on/withPlatform Versions
Fon
Fon2601e Re
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fon2601e Fsw S Firmware
Up to 1.1.7
Running on/withPlatform Versions
Fon
Fon2601e Fsw S
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fon2601e Fsw B Firmware
Up to 1.1.7
Running on/withPlatform Versions
Fon
Fon2601e Fsw B
All versions

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

Source: vultures@jpcert.or.jp
Third Party Advisory
Source: vultures@jpcert.or.jp
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.