Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:SECUTECH-RIS-DNS
Severity	Minor
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Secutech RiS Remote DNS Change
Release Date	2019/04/15
Update Number	3162
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Secutech RiS Remote DNS Change

This signature detects attempts to exploit a known vulnerability against Secutech RiS. A successful attack can lead to DNS hijacking.

Extended Description

Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.

Affected Products

Secutech_project ris-11_firmware 5.07.52_es_fri01
Secutech_project ris-22_firmware 5.07.52_es_fri01
Secutech_project ris-33_firmware 5.07.52_es_fri01

References

CVE: CVE-2018-10080

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Secutech RiS Remote DNS Change

Extended Description

Affected Products

References