CVE-2017-10874

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
ntt-eastpwr-q200_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://web116.jp/shop/hikari_p/q200/q200_00.html
https://jvn.jp/en/jp/JVN73141967/index.html
http://web116.jp/shop/hikari_p/q200/q200_00.html
https://jvn.jp/en/jp/JVN73141967/index.html