CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.6%
The PPP Access Concentrator (PPPAC) contained in SEIL Series routers contain a buffer overflow vulnerability when processing PPPoE packets.
An attacker may be able to execute arbitrary code.
Accoding to the developer, all versions of SEIL/86, SEIL/B1, SEIL/X1, SEIL/X2 3.00 through 3.11 process PPPoE packets in a non-administrative mode of operation, therefore the affect of this vulnerability is limited to the PPPAC service being stopped.
Update the Software
Update to the latest version according to the information provided by the developer.
This issue was resolved in the following versions.
SEIL/x86 firmware 1.62
SEIL/B1 firmware 3.12
SEIL/X1 firmware 3.12
SEIL/X2 firmware 3.12
SEIL/Turbo firmware 2.11
SEIL/neu 2FE Plus firmware 2.11
SEIL/x86 firmware 1.00 to 1.61
SEIL/B1 firmware 1.00 to 3.11
SEIL/X1 firmware 1.00 to 3.11
SEIL/X2 firmware 1.00 to 3.11
SEIL/Turbo firmware 1.80 to 2.10
SEIL/neu 2FE Plus firmware 1.80 to 2.10