CVE-2023-30312

HIGH 7.3

CVSS Score

7.3

EPSS Score

0.0%

EPSS Percentile

0th

An issue discovered in OpenWrt 18.06, 19.07, 21.02, 22.03, and beyond allows off-path attackers to hijack TCP sessions, which could lead to a denial of service, impersonating the client to the server (e.g., for access to files over FTP), and impersonating the server to the client (e.g., to deliver false information from a finance website). This occurs because nf_conntrack_tcp_no_window_check is true by default.

Vendor	n/a
Product	n/a
Published	May 28, 2024
Last Updated	Nov 7, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new high vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

openwrt.org: https://openwrt.org/docs/guide-developer/security ndss-symposium.org: https://www.ndss-symposium.org/ndss-paper/exploiting-sequence-number-leakage-tcp-hijacking-in-nat-enabled-wi-fi-networks/ blog.apnic.net: https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks/ news.ycombinator.com: https://news.ycombinator.com/item?id=40723150