CVE-2015-8263

NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port.

Published: Dec 27, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-8263
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.6
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
netgear / wnr1000v3_firmware	1.0.2.68	1.0.2.68.x
netgear / wnr1000v3	-	-

http://www.securityfocus.com/bid/78873
https://www.kb.cert.org/vuls/id/403568

Vulnerability Database

289,784

CVE-2015-8263