Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-1000020

SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any sign of authentication resulting in Authentication Bypass. An attacker can take complete advantage of this bug and take over the device remotely or locally. The bug has been successfully tested and reproduced in some versions of SOHO Routers manufactured by TOTOLINK, GREATEK and others."

Published

2017-07-17T13:18:16.547

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	ecos	embedded_web_servers	≤ 1.3.1	Yes
Hardware	greatek	soho	-	No
Hardware	totolink	soho	-	No

References

http://ecos.sourceware.org/ecos/problemreport.html Vendor Advisory ([email protected])
http://ecos.sourceware.org/ecos/problemreport.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)