Published:2019/10/01 Last Updated:2019/10/02
JVNVU#94678942
FON routers may behave as an open resolver
Overview
FON routers contain an issue where they may behave as open resolvers.
Products Affected
- FON2601E-SE firmware versions 1.1.7 and earlier
- FON2601E-RE firmware versions 1.1.7 and earlier
- FON2601E-FSW-S firmware versions 1.1.7 and earlier
- FON2601E-FSW-B firmware versions 1.1.7 and earlier
Description
A device that behaves as a DNS resolver for recursive DNS queries from anyone on the internet is called "Open Resolver".
FON routers contain an issue where they may behave as open resolvers.
Impact
The device may be leveraged for DNS amplification attacks to some other entities.
Solution
Update Firmware
Apply the latest firmware update according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| FON Wireless Limited | About an issue as an open resolver and its impact |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Base Score:
5.8
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
CVSS v2
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score:
5.0
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Hideyoshi Okazaki of ARTERIA Networks Corporation reported this vulnerability to JPCERT/CC, and JPCERT/CC coordinated with the developer.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2019-6015 |
| JVN iPedia |
|
Update History
- 2019/10/02
- Updated the information under the section [Products Affected].