CVE-2013-3367

Опубликовано: 13 нояб. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.

Ссылки

https://www.ise.io/casestudies/exploiting-soho-routers/
Not Applicable
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Not Applicable
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Third Party Advisory
https://www.ise.io/casestudies/exploiting-soho-routers/
Not Applicable
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Not Applicable
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:trendnet:tew-691gr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:trendnet:tew-691gr:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:trendnet:tew-692gr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:trendnet:tew-692gr:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00509

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-jfj8-f2c2-w36g

github

почти 4 года назад

Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G?DFdg_24Mhw3.