Sign-up

ID

VAR-201307-0614


TITLE

ASUS Cloud-N66U Router AiCloud Security Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-08764

DESCRIPTION

ASUS RT-N66U is a wireless router product. ASUS RT-N66U 3.0.0.4.270, 3.0.0.4.354 does not properly restrict access when processing certain HTTPS requests, can be exploited to gain unauthorized access, and reveals the contents of arbitrary files and directories. Successful exploitation of this vulnerability requires activation. AiCloud web service.

Trust: 0.6

sources: CNVD: CNVD-2013-08764

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-08764

AFFECTED PRODUCTS

vendor:asustekmodel:rt-n66u routerscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2013-08764

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-08764
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2013-08764
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2013-08764

EXTERNAL IDS

db:SECUNIAid:53931

Trust: 0.6

db:CNVDid:CNVD-2013-08764

Trust: 0.6

sources: CNVD: CNVD-2013-08764

REFERENCES

url:http://secunia.com/advisories/53931/

Trust: 0.6

sources: CNVD: CNVD-2013-08764

SOURCES

db:CNVDid:CNVD-2013-08764

LAST UPDATE DATE

2022-05-17T02:04:40.831000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-08764date:2013-07-05T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2013-08764date:2013-07-05T00:00:00