Vulnerability CVE-2018-15852


Published: 2018-08-25

Description:
** DISPUTED ** Technicolor TC7200.20 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions.

Type:

CWE-400

(Uncontrolled Resource Consumption ('Resource Exhaustion'))

CVSS2 => (AV:A/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.1/10
6.9/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Technicolor -> Tc7200.20 firmware 

 References:
https://bkd00r.wordpress.com/2018/08/24/cve-2018-15852-exploit-title-cable-modem-technicolor-tc7200-20-wifi-buffer-overflow/

Copyright 2024, cxsecurity.com

 

Back to Top