CVE-2013-5948

Sažetak

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).

Reference

http://seclists.org/fulldisclosure/2014/Apr/59
http://seclists.org/fulldisclosure/2014/Apr/66
http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
https://support.t-mobile.com/docs/DOC-21994

CVSS

Base:	8.5
Impact:	10.0
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-06-2016 - 15:54

Objavljeno

22-04-2014 - 13:06