Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by FON Wireless Limited
CVE-2019-6015 (GCVE-0-2019-6015)
Vulnerability from cvelistv5 – Published: 2019-10-04 17:55 – Updated: 2024-08-04 20:16
VLAI
Summary
FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.
Severity
No CVSS data available.
CWE
- DNS amplification attacks
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://fonjapan.zendesk.com/hc/ja/articles/36000… | x_refsource_MISC |
| http://jvn.jp/en/vu/JVNVU94678942/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| FON Wireless Limited | FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B |
Affected:
firmware versions 1.1.7 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:23.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/vu/JVNVU94678942/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B",
"vendor": "FON Wireless Limited",
"versions": [
{
"status": "affected",
"version": "firmware versions 1.1.7 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DNS amplification attacks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T15:16:50.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/vu/JVNVU94678942/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B",
"version": {
"version_data": [
{
"version_value": "firmware versions 1.1.7 and earlier"
}
]
}
}
]
},
"vendor_name": "FON Wireless Limited"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DNS amplification attacks"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942",
"refsource": "MISC",
"url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942"
},
{
"name": "http://jvn.jp/en/vu/JVNVU94678942/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/vu/JVNVU94678942/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6015",
"datePublished": "2019-10-04T17:55:42.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:16:23.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6015 (GCVE-0-2019-6015)
Vulnerability from nvd – Published: 2019-10-04 17:55 – Updated: 2024-08-04 20:16
VLAI
Summary
FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.
Severity
No CVSS data available.
CWE
- DNS amplification attacks
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://fonjapan.zendesk.com/hc/ja/articles/36000… | x_refsource_MISC |
| http://jvn.jp/en/vu/JVNVU94678942/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| FON Wireless Limited | FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B |
Affected:
firmware versions 1.1.7 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:23.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/vu/JVNVU94678942/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B",
"vendor": "FON Wireless Limited",
"versions": [
{
"status": "affected",
"version": "firmware versions 1.1.7 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DNS amplification attacks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T15:16:50.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/vu/JVNVU94678942/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B",
"version": {
"version_data": [
{
"version_value": "firmware versions 1.1.7 and earlier"
}
]
}
}
]
},
"vendor_name": "FON Wireless Limited"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DNS amplification attacks"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942",
"refsource": "MISC",
"url": "https://fonjapan.zendesk.com/hc/ja/articles/360000558942"
},
{
"name": "http://jvn.jp/en/vu/JVNVU94678942/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/vu/JVNVU94678942/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6015",
"datePublished": "2019-10-04T17:55:42.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:16:23.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2019-009884
Vulnerability from jvndb - Published: 2019-10-02 10:59 - Updated:2019-12-27 18:05
Severity
Summary
FON routers may behave as an open resolver
Details
FON routers contain an issue where they may behave as open resolvers.
A device that behaves as a DNS resolver for recursive DNS queries from anyone on the internet is called "Open Resolver".
FON routers contain an issue where they may behave as open resolvers.
Hideyoshi Okazaki of ARTERIA Networks Corporation reported this vulnerability to JPCERT/CC, and JPCERT/CC coordinated with the developer.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-009884.html",
"dc:date": "2019-12-27T18:05+09:00",
"dcterms:issued": "2019-10-02T10:59+09:00",
"dcterms:modified": "2019-12-27T18:05+09:00",
"description": "FON routers contain an issue where they may behave as open resolvers.\r\n\r\nA device that behaves as a DNS resolver for recursive DNS queries from anyone on the internet is called \"Open Resolver\".\r\nFON routers contain an issue where they may behave as open resolvers.\r\n\r\nHideyoshi Okazaki of ARTERIA Networks Corporation reported this vulnerability to JPCERT/CC, and JPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-009884.html",
"sec:cpe": [
{
"#text": "cpe:/o:fon:fon_fon2601e-fsw-s_firmware",
"@product": "FON2601E-FSW-S firmware",
"@vendor": "FON Wireless Limited",
"@version": "2.2"
},
{
"#text": "cpe:/o:fon:fon_fon2601e-re_firmware",
"@product": "FON2601E-RE firmware",
"@vendor": "FON Wireless Limited",
"@version": "2.2"
},
{
"#text": "cpe:/o:fon:fon_fon2601e-se_firmware",
"@product": "FON2601E-SE firmware",
"@vendor": "FON Wireless Limited",
"@version": "2.2"
},
{
"#text": "cpe:/o:fon:fon_fon2601fsw-b_firmware",
"@product": "FON2601E-FSW-B firmware",
"@vendor": "FON Wireless Limited",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"@version": "2.0"
},
{
"@score": "5.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2019-009884",
"sec:references": [
{
"#text": "http://jvn.jp/en/vu/JVNVU94678942/index.html",
"@id": "JVNVU#94678942",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6015",
"@id": "CVE-2019-6015",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-6015",
"@id": "CVE-2019-6015",
"@source": "NVD"
}
],
"title": "FON routers may behave as an open resolver"
}