Lucene search
Japan Vulnerability NotesJVN:27142693HistoryJan 26, 2015 - 12:00 a.m.
JVN#27142693: NP-BBRM vulnerable in UPnP functionality
2015-01-2600:00:00
Japan Vulnerability Notes
jvn.jp
23
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
EPSS
0.003
Percentile
71.1%
NP-BBRM provided by I-O DATA DEVICE, INC. is a LAN router. NP-BBRM contains a vulnerability in the UPnP functionality.
Impact
The device may be used in a DDoS attack, as a SSDP reflector.
Solution
Disable UPnP
Disable UPnP functionality from the management configuration in the settings screen.
Products Affected
- NP-BBRM router
Related
cvelist
cvelist
CVE-2015-0869
2015-02-01 15:00:00
nvd
nvd
CVE-2015-0869
2015-02-01 15:59:08
prion
prion
Code injection
2015-02-01 15:59:00
cve
cve
CVE-2015-0869
2015-02-01 15:59:08
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
EPSS
0.003
Percentile
71.1%
Related for JVN:27142693