CVE-2018-16310

An attacker who is connected to the router's network (either wired or Wi-Fi) sends a massive flood of Ethernet frames, each with a randomly generated source MAC address, using a tool such as macof [ref_id=1]. The router's forwarding table or connection-tracking logic becomes saturated, causing legitimate traffic to be dropped and resulting in a complete networking outage [ref_id=1]. The attack requires no authentication and can be launched from any device on the local network.

The advisory does not specify any particular function, file, or code path. The vulnerability is triggered at the network interface level of the Technicolor TG588V V2 router when it processes an overwhelming flood of random MAC addresses.

No patch or firmware update has been published by Technicolor. The vendor disputes that the behavior is a vulnerability, stating that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack, and that this has been confirmed through testing against official up-to-date versions. The only remediation documented in the advisory is to reboot the router after the attack subsides [ref_id=1].

1. Connect the attacking system to the Technicolor TG588V V2 router's network. 2. Open a terminal and run `macof -i ens33 -n 10000000000` (adjust the interface name as needed). 3. Press Enter. The internet connection will be lost [ref_id=1].