Lucene search

[email protected]CVE-2013-3089

HistorySep 29, 2014 - 10:55 p.m.

CVE-2013-3089

2014-09-2922:55:08

CWE-352

[email protected]

web.nvd.nist.gov

cve-2013-3089

csrf

vulnerability

belkin n300

router

hijack authentication

administrators

configuration

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.4%

JSON

Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration.

Affected configurations

NVD

Node

belkinn300_firmwareMatch1.00.06

AND

belkinn300Match-

CPENameOperatorVersion
belkin:n300_firmwarebelkin n300 firmwareeq1.00.06
belkin:n300belkin n300eq-

CPE	Name	Operator	Version
belkin:n300_firmware	belkin n300 firmware	eq	1.00.06
belkin:n300	belkin n300	eq	-

References

securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php

securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.4%

JSON

Related for CVE-2013-3089

nvd1 cvelist1 prion1