Strix
26.1K

CVE-2017-1000020

UnknownEPSS 2.92%

Last modified

CVE-2017-1000020 is a vulnerability of currently unknown severity. SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any sign of authentication resulting in Authentication Bypass. EPSS estimates a 2.92% chance of exploitation in the next 30 days.

Description

SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any sign of authentication resulting in Authentication Bypass. An attacker can take complete advantage of this bug and take over the device remotely or locally. The bug has been successfully tested and reproduced in some versions of SOHO Routers manufactured by TOTOLINK, GREATEK and others."

Metrics

EPSS Probability
2.92%

85.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
EcosEmbedded Web Servers<= 1.3.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-1000020?
SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any sign of authentication resulting in Authentication Bypass. An attacker can take complete advantage of this bug and take over the device remotely or locally. The bug has been successfully tested and reproduced in some versions of SOHO Routers manufactured by TOTOLINK, GREATEK and others."
How severe is CVE-2017-1000020?
Severity scoring for CVE-2017-1000020 is pending analysis. The EPSS model estimates a 2.92% probability of exploitation in the next 30 days.
How do I fix CVE-2017-1000020?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-1000020?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST