CVE-2023-41355

Summary

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.

Affected Software

VendorProductVersion RangeStatus
Chunghwa TelecomNOKIA G-040W-QG040WQR201207affected

Weaknesses

  • CWE-940: CWE-940 Improper Verification of Source of a Communication Channel

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References