Details of VAR-201307-0615

ID

VAR-201307-0615

TITLE

ASUS Multiple Routers Clear Text Authentication Credentials Vulnerability (CNVD-2013-09984)

Trust: 0.6

sources: CNVD: CNVD-2013-09984

DESCRIPTION

ASUS multiple routers have security vulnerabilities that allow remote attackers to exploit vulnerabilities to obtain sensitive information. The problem is that the device sends authentication credentials in clear text over the network, allowing an attacker to sniff sensitive information through the sniffing network.

Trust: 0.6

sources: CNVD: CNVD-2013-09984

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-09984

AFFECTED PRODUCTS

vendor:	asus	model:	rt-n16 wireless-n300 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-n16r wireless-n300 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-ac66r dual-band wireless-ac1750 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-ac66u dual-band wireless-ac1750 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-n66r dual-band wireless-n900 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-n66u dual-band wireless-n900 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-ac56u dual-band wireless-ac1200 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-n56r dual-band wireless-ac1200 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-n56u dual-band wireless-ac1200 gigabit router	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	rt-n14u wireless-n300 cloud router	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2013-09984

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2013-09984
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2013-09984
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2013-09984

EXTERNAL IDS

db:

CNVD

id:

CNVD-2013-09984

Trust: 0.6

sources: CNVD: CNVD-2013-09984

REFERENCES

url:

http://seclists.org/bugtraq/2013/jul/87

Trust: 0.6

sources: CNVD: CNVD-2013-09984

SOURCES

db:

CNVD

id:

CNVD-2013-09984

LAST UPDATE DATE

2022-05-04T10:05:15.948000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2013-09984

date:

2013-07-19T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2013-09984

date:

2013-07-19T00:00:00