[Japanese]

JVNDB-2017-000240

PWR-Q200 vulnerable to DNS cache poisoning attacks

Overview

PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port (CWE-330).

Toshifumi Sakaguchi reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

Base Metrics: 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None

CVSS V3 Severity:
Base Metrics: 6.8 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None
Affected Products


NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION
  • PWR-Q200 all firmware versions

Impact

The DNS responses spoofed by a remote attacker may result in any device on the LAN being led to a malicious server.
Solution

[Do not use PWR-Q200]
Stop using PWR-Q200 since PWR-Q200 is no longer supported.
The developer recommends to configure devices in the LAN to use the upstream ISP's DNS server.

For details, refer to the information provided by the developer.
Vendor Information

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2017-10874
References

  1. JVN : JVN#73141967
Revision History

[2017/11/22]
  Web page was published