FON2601E Series Firmware Vulnerability: DNS Amplification Attacks

FON2601E Series Firmware Vulnerability: DNS Amplification Attacks

CVE-2019-6015 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.

Learn more about our Web Application Penetration Testing UK.