Belkin N600 DB Wi-Fi Dual-Band N+ Router Improper Algorithm Vulnerabilities
27 Feb. 2016
Summary
Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.
Vulnerable Systems:
*Belkin F9K1102 2 devices with firmware 2.10.17
Immune Systems:
*Versions after Belkin F9K1102 2 devices with firmware 2.10.17
A Predictable Random Number Generator Weakness . An information-disclosure vulnerability . A security-bypass vulnerability . An authentication-bypass vulnerability. A cross-site request-forgery vulnerability .An attacker can exploit these issues to bypass security restrictions and perform certain unauthorized actions, brute-force attacks, bypass-authentication mechanisms, or gain access to potentially sensitive information. This may lead to further attacks.