SEIL Series routers vulnerable in RADIUS authentication


SEIL Series routers contain a vulnerability in RADIUS authentication.

The PPP Access Concentrator (PPPAC) in SEIL Series routers provided by Internet Initiative Japan Inc. contains an issue when generating random numbers used for RADIUS authentication, which may result in the generated random numbers to be easily predicted.
CVSS Severity (What is CVSS?)

Base Metrics: 4.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: None

Affected Products

Internet Initiative Japan Inc.
  • SEIL/B1 firmware 1.00 to 4.30
  • SEIL/neu 2FE Plus firmware 1.80 to 2.15
  • SEIL/Turbo firmware 1.80 to 2.15
  • SEIL/X1 firmware 1.00 to 4.30
  • SEIL/X2 firmware 1.00 to 4.30
  • SEIL/x86 firmware 1.00 to 2.80
  • SEIL/B1
  • SEIL/neu 2FE Plus
  • SEIL/Turbo
  • SEIL/X1
  • SEIL/X2
  • SEIL/x86


An attacker who can intercept communication of RADIUS authentication may take over access to the services.

[Update the Firmware]
Apply the appropriate firmware update provided by the developer.
Vendor Information

Internet Initiative Japan Inc.
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2013-4708

  1. JVN : JVN#40079308
  2. National Vulnerability Database (NVD) : CVE-2013-4708
Revision History

  Web page was published
  References : Content was added