CVE-2019-6015

high

Description

FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.

References

https://fonjapan.zendesk.com/hc/ja/articles/360000558942

http://jvn.jp/en/vu/JVNVU94678942/index.html

Details

Source: Mitre, NVD

Published: 2019-10-04

Updated: 2020-08-24

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H