CVE-2007-0193
Published Jan 12, 2007
Last updated 6 years ago
Overview
- Description
- FON La Fonera routers do not properly limit DNS service access by unauthenticated clients, which allows remote attackers to tunnel traffic via DNS requests for hosts that should not be accessible before authentication.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fon:la_fonera:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "633F404D-6A86-413F-888E-BB79F0817037"
}
],
"operator": "OR"
}
]
}
]