Design/Logic Flaw

2020-09-1620:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.2%

JSON

A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.

CPENameOperatorVersion
freebox_delta_firmwarelt4.2.3
freebox_mini_firmwarelt4.2.3
freebox_one_firmwarelt4.2.3
freebox_pop_firmwarelt4.2.3
freebox_revolution_firmwarelt4.2.3

Name	Operator	Version
freebox_delta_firmware	lt	4.2.3
freebox_mini_firmware	lt	4.2.3
freebox_one_firmware	lt	4.2.3
freebox_pop_firmware	lt	4.2.3
freebox_revolution_firmware	lt	4.2.3

References

dev.freebox.fr/blog/?p=10222

www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/