Design/Logic Flaw

D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert...

CVE-2019-13271

Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert...

CVE-2019-13265

The CVE refers to D-Link DIR-825AC G1 devices with insufficient isolation between host and guest networks. The router forwards ARP requests across the two networks, enabling a potential covert channel: an attacker can trigger ARP traffic to target arbitrary hosts on the same network. The document...

CVE-2019-13268

The CVE-2019-13268 entry applies to TP-Link Archer C3200 V1 and Archer C2 V1 devices, which expose insufficient compartmentalization between host and guest networks. ARP requests are forwarded across the two networks, enabling a potential covert channel: the sender can craft ARP requests to conve...

CVE-2019-13271

CVE-2019-13271 affects the Edimax BR-6208AC V1 router, where insufficient isolation between host and guest networks on the same device allows ARP traffic to be forwarded across the two networks. The result is a potential cross-router covert channel: an attacker can issue an ARP request to an arbi...

CVE-2019-13271

Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert...