Lucene search

[email protected]NVD:CVE-2013-3610

HistoryOct 05, 2013 - 10:55 a.m.

CVE-2013-3610

2013-10-0510:55:03

CWE-287

[email protected]

web.nvd.nist.gov

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:C/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.6%

JSON

qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.

Affected configurations

NVD

Node

asusrt-n10e_firmwareRange≤2.0.0.24

asusrt-n10e_firmwareMatch2.0.0.7

asusrt-n10e_firmwareMatch2.0.0.10

asusrt-n10e_firmwareMatch2.0.0.16

asusrt-n10e_firmwareMatch2.0.0.19

asusrt-n10e_firmwareMatch2.0.0.20

AND

asusrt-n10eMatch-

References

www.kb.cert.org/vuls/id/984366

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:C/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.6%

JSON

Related for NVD:CVE-2013-3610

prion1 cve1 cert1 openvas1 threatpost1 cvelist1