JVN#51250073: CG-WLNCM4G may behave as an open resolver
2015-12-25T00:00:00
ID JVN:51250073 Type jvn Reporter Japan Vulnerability Notes Modified 2015-12-25T00:00:00
Description
## Description
CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver.
## Impact
The device may be leveraged for use in a DNS amplification attack and unknowingly become a part of a DDoS attack.
## Solution
Do not use CG-WLNCM4G
As of December 25, 2015, there are no practical solutions to this issue.
It is recommended to stop using CG-WLNCM4G according to the information provided by the developer.
According to the developer, the following products are not affected by this issue.
CG-NCBU031A
CG-NCVD031A
CG-NCDO011A
CG-NCPFE011A
CG-NCPVD032A
Apply a Workaround
The following workaround may mitigate the affects of this issue.
Restrict access to the product from the internet, through router settings or other functions
## Products Affected
CG-WLNCM4G
{"id": "JVN:51250073", "bulletinFamily": "info", "title": "JVN#51250073: CG-WLNCM4G may behave as an open resolver", "description": "\n ## Description\n\nCG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver.\n\n ## Impact\n\nThe device may be leveraged for use in a DNS amplification attack and unknowingly become a part of a DDoS attack.\n\n ## Solution\n\n**Do not use CG-WLNCM4G** \nAs of December 25, 2015, there are no practical solutions to this issue. \nIt is recommended to stop using CG-WLNCM4G according to the information provided by the developer. \n \nAccording to the developer, the following products are not affected by this issue. \n\n * CG-NCBU031A\n * CG-NCVD031A\n * CG-NCDO011A\n * CG-NCPFE011A\n * CG-NCPVD032A\n**Apply a Workaround** \nThe following workaround may mitigate the affects of this issue. \n\n * Restrict access to the product from the internet, through router settings or other functions\n\n ## Products Affected\n\n * CG-WLNCM4G\n", "published": "2015-12-25T00:00:00", "modified": "2015-12-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "http://jvn.jp/en/jp/JVN51250073/index.html", "reporter": "Japan Vulnerability Notes", "references": [], "cvelist": ["CVE-2015-7794"], "type": "jvn", "lastseen": "2019-05-29T19:49:16", "edition": 4, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-7794"]}], "modified": "2019-05-29T19:49:16", "rev": 2}, "score": {"value": 4.7, "vector": "NONE", "modified": "2019-05-29T19:49:16", "rev": 2}, "vulnersScore": 4.7}, "scheme": null}