CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.2%
Automatic DNS registration and autodiscovery functionality provides an opportunity for the misconfiguration of networks, resulting in a loss of confidentiality and integrity of the network if an attacker on the network adds a specially configured proxy device.
The Web Proxy Automatic Discovery (WPAD) protocol is used to automatically provide proxy configuration information to devices on a network. Clients issue a special DHCP request to obtain the information for the proxy configuration, but will fall back on a DNS request to one of several standardized URLs making use of the subdomain name of “wpad” if a DHCP response is unavailable.An attacker with local area network (LAN) access may be able to add a device with the name “wpad” to the network, which may produce a collision with a standardized WPAD DNS name. Many customer premise home/office routers (including, but not limited to, Google Wifi and Ubiquiti UniFi) automatically register device names as DNS A records on the LAN, which may allow an attacker to utilize a specially named and configured device to act as a WPAD proxy configuration server. The attacker-served proxy configuration can result in the loss of confidentiality and integrity of any network activity by any device that utilizes WPAD.
Home/office LAN/WLAN routers should not auto-register to their local DNS magic names related to auto-configuration and auto-discovery features should not accept mDNS based names as authoritative sources.
598349
Filter by status: All Affected Not Affected Unknown
Filter by content: __Additional information available
__Sort by: Status Alphabetical
Expand all
Javascript is disabled. Clickhere to view vendors.
Notified: July 18, 2018 Updated: September 04, 2018
Statement Date: August 30, 2018
Affected
ADTRAN has affected products and their advisory will be available at the vendor web site.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: September 19, 2018
Statement Date: September 10, 2018
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Updated: October 01, 2018
Statement Date: September 08, 2018
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: September 05, 2018
Statement Date: July 20, 2018
Affected
Synology
has prepared updates to the majority of their products to fix this vulnerability. Please check https://www.synology.com/en-global/support/security/Synology_SA_18_53
.
Synology has released updates to our majority products for fixing the vulnerability:
List of affected products:`` ``https://www.synology.com/en-global/support/security/Synology_SA_18_53
- DSM 6.2.1-23824 (https://www.synology.com/en-us/releaseNote/FS3017)
- SRM 1.1.7-6941-2 (https://www.synology.com/en-us/releaseNote/RT2600ac)
We will publish a security advisory after public disclosure. Thank you.
- Synology Security Team.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: July 18, 2018 Updated: October 23, 2018
Statement Date: October 08, 2018
Affected
`The WPAD attack mechanism is not filterable by TippingPoint.However, the Jscript payload is filterable.
Here is the list of JS vulnerabilities from Project Zero
The WPAD attack mechanism is not filterable by TippingPoint. However, the Jscript payload is filterable.
Here is the list of JS vulnerabilities from Project Zero + our filters
| 1376 | CVE-2017-11903 | 30079 |
| 1340 | CVE-2017-11810 | 29707 |
| 1381 | CVE-2017-11793 | 29705 |
| 1369 | CVE-2017-11890 | 30068 |
| 1383 | CVE-2017-11907 | 30081 |
| 1378 | CVE-2017-11855 | 29918 |
| 1382 | CVE-2017-11906 | - |
---------------------------------------`
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: September 06, 2018
Statement Date: September 05, 2018
Affected
The recently launched UniFi Security Gateway firmware (4.4.28) that fix the vulnerability “VU#598349”:
https://community.ubnt.com/t5/UniFi-Updates-Blog/USG-Firmware-v4-4-28-now-available/ba-p/2482349.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: August 22, 2018
Statement Date: August 02, 2018
Not Affected
Not Affected.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 20, 2018
Statement Date: July 19, 2018
Not Affected
Check Point Software Technologies is not vulnerable to this.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 20, 2018
Statement Date: July 19, 2018
Not Affected
Thank you for sending us this report. As per our initial assessment, Juniper routers are unaffected since they do not consider host names provided in DHCP requests. If our devices are found vulnerable we will take steps to fix them and publish advisories on or after public disclosure of this issue.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 23, 2018
Statement Date: July 23, 2018
Not Affected
Since NSD does not have DHCP DNS registration and autodiscovery functionality, we need to take no action. So NSD is not vulnerable.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 23, 2018 Updated: July 23, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 29, 2018 Updated: August 29, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 18, 2018 Updated: July 18, 2018
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
View all 226 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | 0 | AV:–/AC:–/Au:–/C:–/I:–/A:– |
Temporal | 0 | E:ND/RL:ND/RC:ND |
Environmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
This attack was found, tested and reported by Ossi Salmi, Mika Seppänen, Marko Laakso and Kasper Kyllönen of Arctic Security. We asked help of Jussi Eronen and Iikka Sovanto of NCSC-FI in reaching out the vendor representatives.
This document was written by Laurie Tyzenhaus and Garret Wasserman.
CVE IDs: | CVE-2017-11903, CVE-2017-11810, CVE-2017-11793, CVE-2017-11890, CVE-2017-11907, CVE-2017-11906, CVE-2017-11855 |
---|---|
Date Public: | 2018-09-05 Date First Published: |
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.2%