Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS query performed on behalf of the device itself, which makes it easier for remote attackers to spoof responses by including this ID value, as demonstrated by a response containing the address of the firmware update server, a different vulnerability than CVE-2015-2914.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Securifi Almond 安全漏洞
Vulnerability Description
Securifi Almond是Securifi公司的一款无线路由器产品。 使用AL1-R201EXP10-L304-W34之前版本固件的Securifi Almond设备和使用AL2-R088M之前版本固件的Almond-2015设备中存在安全漏洞,该漏洞源于程序执行DNS查询时使用线性算法选择头部中的ID值。远程攻击者可通过包含该ID值利用该漏洞伪造响应。
CVSS Information
N/A
Vulnerability Type
N/A