exploitDog

CVE-2013-7293

Опубликовано: 15 янв. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname.

Ссылки

http://www.kb.cert.org/vuls/id/191750
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/64799
http://www.kb.cert.org/vuls/id/191750
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/64799

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:asus:wl-330nul:-:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00834

Низкий

5 Medium

CVSS2

Дефекты

CWE-16

Связанные уязвимости

GHSA-6xxp-p3pp-qrxg

github

больше 3 лет назад

The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname.

EPSS

Процентиль: 74%

0.00834

Низкий

5 Medium

CVSS2

Дефекты

CWE-16