Vulnerability Details CVE-2018-15907
Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.1
References
- https://bkd00r.wordpress.com/2018/08/27/cve-2018-15907-exploit-title-techniclor-formerly-rca-tc8305c-wireless-gateway-802-11b-g-n-gigaport-x-4-port-router-w-2-voice-lines-xfinity-comcast-buffer-overflow/
- https://bkd00r.wordpress.com/2018/08/27/cve-2018-15907-exploit-title-techniclor-formerly-rca-tc8305c-wireless-gateway-802-11b-g-n-gigaport-x-4-port-router-w-2-voice-lines-xfinity-comcast-buffer-overflow/
Products affected by CVE-2018-15907
-
cpe:2.3:h:technicolor:tc8305c:-
-
cpe:2.3:o:technicolor:tc8305c_firmware:-