Discussion stats
  • 3 replies
  • 3775 views
  • 0 kudos
  • 3 in conversation
Announcements

Top Contributors
Reply
Highlighted
Aspirant
Aspirant

DnsMasq heap buffer overflow vulnerability

Hello, I was doing a vulnerability test thru my Avast Premier account and it came up with this issue. There is no update for firmware, so I do not know what to do to fix this. Help? scan.png Details

We have identified the following problem with your router or Wi-Fi hotspot device:

DnsMasq heap buffer overflow vulnerability

Severity: High

Reference: CVE-2017-14491 | Google Security Blog

Description:
The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. We also advise you not to visit suspicious websites or run software from questionable sources.

Model: R6700v2|Nighthawk AC1750 Smart WiFi Router
Message 1 of 4
Highlighted
Guru

Re: DnsMasq heap buffer overflow vulnerability

I recommend you phone contact NG support in regards to this to see if there is any help or information regarding it.

 

Let us know how it goes.


My Setup (Cable 900Mbps/50Mbps)>CAX80>RBK853 v3.1.15.32(Router Mode)
Additional NG HW: C7800/CM1100/CM1200, Orbi CBK40, RBK50, R7800, R7960P,
EX7500/EX7700, XR450 and WNHDE111
Message 2 of 4
Highlighted
Aspirant
Aspirant

Re: DnsMasq heap buffer overflow vulnerability

I will call and I will post results.

Model: R6700v2|Nighthawk AC1750 Smart WiFi Router
Message 3 of 4
Highlighted

Re: DnsMasq heap buffer overflow vulnerability


@FURRYe38 wrote:

I recommend you phone contact NG support in regards to this to see if there is any help or information regarding it.

 


This too:

 

Report Vulnerabilities

 

Just another user.

My network DM200 -> R7800 -> GS316 -> PL1000 -> Orbi RBR40 -> Orbi RBS50Y -> RBS40V
Message 4 of 4