[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2020-24376Date: (C)2020-09-17   (M)2023-12-22


A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 9.6CVSS Score : 6.8
Exploit Score: 2.8Exploit Score: 8.6
Impact Score: 6.0Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: REQUIREDConfidentiality: PARTIAL
Scope: CHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: PARTIAL
Integrity: HIGH 
Availability: HIGH 
  
Reference:
https://dev.freebox.fr/blog/?p=10222
https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/

CPE    2
cpe:/h:free:freebox_mini:-
cpe:/h:free:freebox_pop:-
CWE    1
CWE-20

© SecPod Technologies