Vulnerability Details CVE-2019-6015
FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2019-6015
-
cpe:2.3:h:fon:fon2601e-fsw-b:-
-
cpe:2.3:h:fon:fon2601e-fsw-s:-
-
cpe:2.3:h:fon:fon2601e-re:-
-
cpe:2.3:h:fon:fon2601e-se:-
-
cpe:2.3:o:fon:fon2601e-fsw-b_firmware:-
-
cpe:2.3:o:fon:fon2601e-fsw-b_firmware:1.1.7
-
cpe:2.3:o:fon:fon2601e-fsw-s_firmware:-
-
cpe:2.3:o:fon:fon2601e-fsw-s_firmware:1.1.7
-
cpe:2.3:o:fon:fon2601e-re_firmware:-
-
cpe:2.3:o:fon:fon2601e-re_firmware:1.1.7
-
cpe:2.3:o:fon:fon2601e-se_firmware:-
-
cpe:2.3:o:fon:fon2601e-se_firmware:1.1.7