Published:2013/09/19  Last Updated:2013/10/30

Multiple broadband routers may behave as open resolvers


Multiple broadband routers contain an issue where they may behave as open resolvers.

Products Affected

A wide range of products are affected.

For more information, please refer to the information under "Vendor Status"


A device that runs as a DNS cache server, which responds to any recursive DNS queries that are received is referred to as an open resolver.
Multiple broadband routers may contain an issue where they may behave as open resolvers.


The device may be used in a DNS amplification attack and unknowingly become a part of a DDoS attack.


Apply an Update or Change the Settings
Apply the appropriate solution (update, patch, settings change, etc.) according to the information provided by the developer

Vendor Status

Vendor Status Last Update Vendor Notes
Internet Initiative Japan Inc. Vulnerable 2013/09/19 Internet Initiative Japan Inc. website
NEC Corporation Vulnerable 2013/09/25
Shinsei Corporation Vulnerable 2013/09/19
Yamaha Corporation Vulnerable 2013/09/19 Yamaha Corporation website
YMIRLINK Inc. Not Vulnerable 2013/09/19
Yokogawa Meters & Instruments Corporation Not Vulnerable 2013/09/19


  1. US-CERT
    Alert (TA13-088A) DNS Amplification Attacks

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2013.09.19

Measures Conditions Severity
Access Required can be attacked over the Internet using packets
  • High
Authentication anonymous or no authentication (IP addresses do not count)
  • High
User Interaction Required the vulnerability can be exploited without an honest user taking any action
  • High
Exploit Complexity some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)
  • Mid-High

Description of each analysis measures


This issue was confirmed by JPCERT/CC and IPA that it affected multiple developers and was coordinated by JPCERT/CC.
In addition, Yasuhiro Orange Morishita of Japan Registry Services Co., Ltd. (JPRS) reported this vulnerability to JPCERT/CC under the Information Security Early Warning Partnership.

Other Information

JPCERT Reports
CERT Advisory
CPNI Advisory
JVN iPedia JVNDB-2013-000087

Update History

NEC Corporation update status
NEC Corporation update status
NEC Corporation update status
Title was fixed.