6 matches found
CVE-2017-10874
PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks...
CVE-2017-10874
The CVE-2017-10874 issue affects PWR-Q200, a mobile WiFi router by NTT East. The root cause is that DNS queries are sent with fixed (non-random) source ports (CWE-330), enabling remote attackers to perform DNS cache poisoning. Impact stated in sources: spoofed DNS responses could mislead devices ...
CVE-2017-10874
PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks...
DNS Cache Poisoning Attack Vulnerability in NIPPON TELEGRAPH AND TELEPHONE EAST PWR-Q200
NIPPON TELEGRAPH AND TELEPHONE EAST PWR-Q200 is a removable wireless router from NIPPON TELEGRAPH AND TELEPHONE EAST, Japan. A DNS cache poisoning attack vulnerability exists in the NIPPON TELEGRAPH AND TELEPHONE EAST PWR-Q200, which originates from the program's failure to use a random value for...
PWR-Q200 vulnerable to DNS cache poisoning attacks
Overview PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Toshifumi Sakaguchi reported this vulnerability to IPA. JPCERT/CC coordinated with...
JVN#73141967: PWR-Q200 vulnerable to DNS cache poisoning attacks
PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Impact The DNS responses spoofed by a remote attacker may result in any device on the LAN...