Netgear FVG318 is vunerable to DOS attack

CVE	Category	Price	Severity
N/A	CWE-399: Resource Management Errors	N/A	Medium

Author	Risk	Exploitation Type	Date
Unknown	Medium	Remote	2006-08-23

CPE	PURL
cpe:cpe:/h:netgear:fvg318

CVSS	EPSS	EPSSP
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	0.02192	0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2006080097

Below is a copy:

The Netgear FVG318 (http://www.netgear.com/Products/VPNandSSL/WirelessVPNFirewallRouters/FV
G318.aspx) is vunerable to a Denial of Service attack where a flood of bad checksum TCP packets will lock the router up, forcing a hard reset.

This can be acheived with a program such as fragrouter or even an innocent program such as Azureus when sending/receiving a lot of bad packets.

I deceided to release this information after netgear seemingly uncaringly for their customers has deceided to not progress on diagnosing this bug for over 2 months.

My Firmware ver. = V1.0.40. Can anyone else confirm this with different or the same versions?

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum