Denial of Service Vulnerability in Kraftway 24F2XG Router Firmware
CVE-2018-15351

6.5MEDIUM

Key Information:

Vendor: Kaspersky
Status: Kraftway
Vendor: CVE Published:; 17 August 2018

Summary

A vulnerability exists in the Kraftway 24F2XG Router that allows attackers to initiate a denial of service (DoS) attack by crafting and sending a malicious link to a privileged user. When the link is accessed, it can lead to the router becoming unresponsive, compromising the availability of network services for legitimate users. This flaw in firmware version 3.5.30.1118 highlights the importance of securing network devices against exploitation through social engineering tactics.

Affected Version(s)

Kraftway Kraftway-24F2XG Router firmware 3.5.30.1118

References

https://ics-cert.kaspersky.com/advisories/klcert-advisori...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 17, 2018
Vulnerability Reserved
Aug 15, 2018