Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2 with firmware version 2.10.17 and possibly earlier, contains multiple vulnerabilities.
CWE-330: Use of Insufficiently Random Values - CVE-2015-5987
DNS queries originating from the Belkin N600, such as those to resolve the names of firmware update and NTP servers, use predictable TXIDs that start at 0x0002 and increase incrementally. An attacker with the ability to spoof DNS responses can cause the router to contact incorrect or malicious hosts under the attacker's control.
A remote, unauthenticated attacker may be able to spoof DNS responses to cause vulnerable devices to contact attacker-controlled hosts or induce an authenticated user into making an unintentional request to the web server that will be treated as an authentic request. A LAN-based attacker can bypass authentication to take complete control of vulnerable devices.
Apply an update
Restrict access and use strong passwords
These vulnerabilities were reported by Joel Land of the CERT/CC.
This document was written by Joel Land.