Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-5948

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2013-5948
Last Modified 17 Sep 2015 09:59:16
Published 22 Apr 2014 09:06:25
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2013-5948

Summary

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).

Vulnerable Systems

Operating System

  • Asus Rt-ac68u Firmware 3.0.0.4.374 4561

  • Asus Rt-ac68u Firmware 3.0.0.4.374 4887

  • Asus Rt-ac68u Firmware 3.0.0.4.374.4755


References

CONFIRM - http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29

FULLDISC - 20140404 Re: Remote Command Execution within the ASUS RT-AC68U Managing Web Interface

FULLDISC - 20140404 Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface

CONFIRM - https://support.t-mobile.com/docs/DOC-21994


Last Updated: 27 May 2016 11:05:02