exploitDog

CVE-2013-4656

Опубликовано: 13 нояб. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.

Ссылки

https://www.ise.io/casestudies/exploiting-soho-routers/
Mitigation
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Third Party Advisory
https://www.ise.io/casestudies/exploiting-soho-routers/
Mitigation
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:asus:rt-ac66u_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:asus:rt-n56u_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00738

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-9f58-xmg6-36px

github

почти 4 года назад

Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.

EPSS

Процентиль: 72%

0.00738

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-22