CVE-2017-6552

HIGH

Sagemcom Livebox 3 SG30_sip-fr-5.15.8.1 - Denial of Service via IPv6 Routing Table Exhaustion

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-6552. PoCs published by Quentin Olagne.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the Livebox 3 router's IPv6 routing table, causing a denial-of-service (DoS) by flooding the table with crafted ICMPv6 packets. The script uses Scapy to generate and send malicious packets continuously until interrupted.

Description

Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition for telephone, Internet, and TV services.

Exploits (1)

exploitdb WORKING POC
by Quentin Olagne · pythondoshardware
https://www.exploit-db.com/exploits/41565

This exploit targets a buffer overflow vulnerability in the Livebox 3 router's IPv6 routing table, causing a denial-of-service (DoS) by flooding the table with crafted ICMPv6 packets. The script uses Scapy to generate and send malicious packets continuously until interrupted.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Orange Livebox 3 - Sagemcom SG30_sip-fr-5.15.8.1
No auth needed
Prerequisites: Network access to the target Livebox 3 router · IPv6 connectivity
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=ShCs5_8mBlM&t=37s
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41565/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/96827

Scores

CVSS v3 7.5
EPSS 0.0459
EPSS Percentile 90.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (1)
sagemcom/livebox_firmware 5.15.8.1
Published Mar 09, 2017
Tracked Since Feb 18, 2026