Cente Ipv6
CVE-2024-28957
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary rating from Vendor (jpcert) · only source for this CVE.
CVSS VectorVendor: jpcert
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device.
AnalysisAI
Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-340. Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device. Affected products include: Nxtech Cente Ipv6, Nxtech Cente Ipv6 Snmpv2, Nxtech Cente Ipv6 Snmpv3, Nxtech Cente Tcp\/Ipv4, Nxtech Cente Tcp\/Ipv4 Snmpv2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Cente Ipv6
View allOut-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in C
Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 headers exists in Cente
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today