CVE-2005-0328

Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://marc.info/?l=bugtraq&m=110720465527599&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/20609
http://marc.info/?l=bugtraq&m=110720465527599&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/20609

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:netgear:rt311::::::::
	cpe:2.3:h:netgear:rt314::::::::
	cpe:2.3:h:zyxel:prestige:310:::::::*
	cpe:2.3:h:zyxel:prestige:314:::::::*
	cpe:2.3:h:zyxel:prestige:324:::::::*

History

20 Nov 2024, 23:54

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=110720465527599&w=2 -~~	() http://marc.info/?l=bugtraq&m=110720465527599&w=2 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/20609 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/20609 -

Information

Published : 2005-05-02 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2005-0328

Mitre link : CVE-2005-0328

CVE.ORG link : CVE-2005-0328

JSON object : View

Products Affected

zyxel

prestige

netgear

rt311
rt314

CWE

NVD-CWE-Other

{"id": "CVE-2005-0328", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-05-02T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=110720465527599&w=2", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20609", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=110720465527599&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20609", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rt311:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3653528A-E4EE-44AA-9EF9-EC6C58D8BFE5"}, {"criteria": "cpe:2.3:h:netgear:rt314:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76508DEB-9224-46CD-9BB9-9F4B99E0850D"}, {"criteria": "cpe:2.3:h:zyxel:prestige:310:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15AA9574-519C-4F2A-A666-64D8813BA468"}, {"criteria": "cpe:2.3:h:zyxel:prestige:314:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA2377B1-5B43-45AB-A880-B1D3E74C1444"}, {"criteria": "cpe:2.3:h:zyxel:prestige:324:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF9F48F8-ACA9-4254-A3CD-7451F4EA7B23"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}