Design/Logic Flaw

2023-11-0306:15:00

PRIOn knowledge base

www.prio-n.com

chunghwa telecom

nokia g-040w-q

firewall

unauthenticated remote attackers

sensitive information

icmp timestamp requests

vulnerability

4.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.3%

JSON

Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.

CPENameOperatorVersion
g-040w-q_firmwareeq40wqr201207-g

CPE	Name	Operator	Version
	g-040w-q_firmware	eq	40wqr201207-g

References

www.twcert.org.tw/tw/cp-132-7504-c6a5e-1.html