CRITICAL🇬🇧 English

CVE-2023-41355

CVSS 9.8v3.1pub. 2023-11-03upd. 2024-11-21

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nokia G 040w Q

    HW
    Nokia
    wszystkie wersje
  • Nokia G 040w Q Firmware

    OS
    Nokia
    g040wqr201207
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoSFirewall
CWE
Referencje

Powiązane podatności

CVE-2023-41351CRITICAL9.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated ...

CVE-2023-41350HIGH7.5ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authen...

CVE-2023-41352HIGH7.2ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacke...

CVE-2023-41353HIGH8.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regu...

CVE-2023-41354MEDIUM4.0ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauth...