CVE-2013-5948

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).

CVSS v2.0 8.5 HIGH

8.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 6.8 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://seclists.org/fulldisclosure/2014/Apr/59
http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
http://seclists.org/fulldisclosure/2014/Apr/66	Exploit
https://support.t-mobile.com/docs/DOC-21994

Configurations

Configuration 1 (hide)

cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561:::::::*
	cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887:::::::*
	cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755:::::::*

cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*

Information

Published : 2014-04-22 06:06

Updated : 2016-06-30 08:54

NVD link : CVE-2013-5948

Mitre link : CVE-2013-5948

JSON object : View

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Products Affected

asus

rt-ac68u
rt-ac68u_firmware

t-mobile

tm-ac1900

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://seclists.org/fulldisclosure/2014/Apr/59", "name": "20140404 Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface", "tags": [], "refsource": "FULLDISC"}, {"url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29", "name": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29", "tags": [], "refsource": "CONFIRM"}, {"url": "http://seclists.org/fulldisclosure/2014/Apr/66", "name": "20140404 Re: Remote Command Execution within the ASUS RT-AC68U Managing Web Interface", "tags": ["Exploit"], "refsource": "FULLDISC"}, {"url": "https://support.t-mobile.com/docs/DOC-21994", "name": "https://support.t-mobile.com/docs/DOC-21994", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-5948", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 8.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-04-22T13:06Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-06-30T15:54Z"}

8.5 /10