[Japanese]

JVNDB-2017-000240

PWR-Q200 vulnerable to DNS cache poisoning attacks

Overview

PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port (CWE-330).

Toshifumi Sakaguchi reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION
  • PWR-Q200 all firmware versions

Impact

The DNS responses spoofed by a remote attacker may result in any device on the LAN being led to a malicious server.
Solution

[Do not use PWR-Q200]
Stop using PWR-Q200 since PWR-Q200 is no longer supported.
The developer recommends to configure devices in the LAN to use the upstream ISP's DNS server.

For details, refer to the information provided by the developer.
Vendor Information

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2017-10874
References

  1. JVN : JVN#73141967
  2. National Vulnerability Database (NVD) : CVE-2017-10874
Revision History

  • [2017/11/22]
      Web page was published
  • [2018/03/14]
      References : Content was added

Date Public2017/11/22
Date First Published2017/11/22
Date Last Updated2018/03/14