CVE-2015-8263
Summary
| CVE | CVE-2015-8263 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-12-27 03:59:00 UTC |
| Updated | 2016-11-28 19:46:00 UTC |
| Description | NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netgear | Wnr1000v3 | All | All | All | All |
| Hardware | Netgear | Wnr1000v3 | All | All | All | All |
| Operating System | Netgear | Wnr1000v3 Firmware | 1.0.2.68 | All | All | All |
| Operating System | Netgear | Wnr1000v3 Firmware | 1.0.2.68 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Vulnerability Note VU#403568 - Netgear G54/N150 Wireless Router WNR1000v3 uses insufficiently random values for DNS queries | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.