CVE-2017-10874

Summary

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.

Affected Software

VendorProductVersion RangeStatus
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATIONPWR-Q200all firmware versionsaffected

Weaknesses

  • Use of Insufficiently Random Values

ADP Enrichment

CVE Program Container

Additional References

References