CVE-2015-8263
First published: Sun Dec 27 2015(Updated: )
NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NETGEAR WNR1000v3 firmware | =1.0.2.68 | |
| NETGEAR WNR1000 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2015-8263?
The severity of CVE-2015-8263 is considered medium due to the risk of DNS spoofing attacks.
How do I fix CVE-2015-8263?
To fix CVE-2015-8263, upgrade the NETGEAR WNR1000v3 firmware to a version that addresses this vulnerability.
Who is affected by CVE-2015-8263?
CVE-2015-8263 affects NETGEAR WNR1000v3 devices running firmware version 1.0.2.68.
What type of attack is possible with CVE-2015-8263?
CVE-2015-8263 allows remote attackers to spoof DNS responses due to predictable source port number usage.
What are the potential consequences of CVE-2015-8263?
The potential consequences of CVE-2015-8263 include unauthorized access to sensitive information or disruption of network services.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/netgear
- canonical/netgear wnr1000v3 firmware
- version/netgear wnr1000v3 firmware/1.0.2.68
- canonical/netgear wnr1000 firmware