Lucene search

K
cve[email protected]CVE-2013-6026
HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-6026

2022-10-0316:14:50
CWE-264
web.nvd.nist.gov
31
cve-2013-6026
d-link
planex
alpha networks
routers
remote code execution
nvd

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.7%

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.

Affected configurations

NVD
Node
dlinkdi-524upMatch-
OR
dlinkdi-604\+Match-
OR
dlinkdi-604sMatch-
OR
dlinkdi-604upMatch-
OR
dlinkdi-624sMatch-
OR
dlinkdir-100Match-
OR
dlinkdir-120Match-
OR
dlinktm-g5240Match-
Node
alphanetworksvdsl_asl-55052Match-
OR
alphanetworksvdsl_asl-56552Match-
Node
planexbrl-04cwMatch-
OR
planexbrl-04rMatch-
OR
planexbrl-04urMatch-

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.7%