ID

VAR-201310-0333


CVE

CVE-2013-5703


TITLE

DrayTek Vigor 2700 ADSL router contains a command injection vulnerability

Trust: 0.8

sources: CERT/CC: VU#101462

DESCRIPTION

The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js. DrayTek Vigor 2700 ADSL router version 2.8.3 and possibly earlier versions contain a command injection vulnerability via malicious SSID (CWE-77).

The Vigor2700 provided by DrayTek contains a command injection vulnerability. The Vigor2700 stores the SSIDs of adjacent access points in variables.js. The Vigor2700 web management screen has a problem in its handling of variables.js, which results in a command injection (CWE-77) vulnerability. CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') (http://cwe.mitre.org/data/definitions/77.html). If the product receives a crafted SSID, arbitrary operations may be executed on it.

The DrayTek Vigor 2700 ADSL Router is an ADSL router. It stores the SSIDs of discovered APs in the sWlessSurvey variable in variables.js, which is handled by the web management interface. An attacker can construct a specially crafted SSID value containing JavaScript code; when that value is added to variables.js, the script is executed by the router. Successfully exploiting this issue may allow an attacker to execute arbitrary commands in the context of the affected device. The vulnerability stems from the SSID value not being added correctly to the sWlessSurvey variable in variables.js.

Trust: 3.24

sources: NVD: CVE-2013-5703 // CERT/CC: VU#101462 // JVNDB: JVNDB-2013-004831 // CNVD: CNVD-2013-14082 // BID: 63271 // VULHUB: VHN-65705

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-14082

AFFECTED PRODUCTS

vendor: draytek, model: vigor 2700 router, scope: eq, version: 2.8.3

Trust: 1.6

vendor: draytek, model: vigor 2700 router, scope: eq, version: -

Trust: 1.0

vendor: draytek, model: -, scope: -, version: -

Trust: 0.8

vendor: draytek, model: vigor2700, scope: lte, version: version 2.8.3

Trust: 0.8

vendor: draytek, model: corp vigor adsl router, scope: eq, version: 27002.3

Trust: 0.6

sources: CERT/CC: VU#101462 // CNVD: CNVD-2013-14082 // JVNDB: JVNDB-2013-004831 // CNNVD: CNNVD-201310-513 // NVD: CVE-2013-5703

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-5703
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-5703
value: MEDIUM

Trust: 0.8

IPA: JVNDB-2013-004831
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-14082
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201310-513
value: MEDIUM

Trust: 0.6

VULHUB: VHN-65705
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-5703
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2013-5703
severity: MEDIUM
baseScore: 4.3
vectorString: NONE
accessVector: ADJACENT NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.2
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2013-004831
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2013-14082
severity: MEDIUM
baseScore: 4.3
vectorString: AV:A/AC:H/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.2
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-65705
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#101462 // CNVD: CNVD-2013-14082 // VULHUB: VHN-65705 // JVNDB: JVNDB-2013-004831 // CNNVD: CNNVD-201310-513 // NVD: CVE-2013-5703

PROBLEMTYPE DATA

problemtype: CWE-78

Trust: 1.9

problemtype: CWE-77

Trust: 0.8

sources: CERT/CC: VU#101462 // VULHUB: VHN-65705 // JVNDB: JVNDB-2013-004831 // NVD: CVE-2013-5703

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201310-513

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-201310-513

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004831

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#101462

PATCH

title: Vigor2700 Series, url: http://www.draytek.com.tw/index.php?option=com_k2&view=item&layout=item&id=2553&Itemid=452

Trust: 0.8

sources: JVNDB: JVNDB-2013-004831

EXTERNAL IDS

db: CERT/CC, id: VU#101462

Trust: 3.9

db: NVD, id: CVE-2013-5703

Trust: 3.4

db: BID, id: 63271

Trust: 1.0

db: JVN, id: JVNVU93851007

Trust: 0.8

db: JVNDB, id: JVNDB-2013-004831

Trust: 0.8

db: CNNVD, id: CNNVD-201310-513

Trust: 0.7

db: CNVD, id: CNVD-2013-14082

Trust: 0.6

db: VULHUB, id: VHN-65705

Trust: 0.1

sources: CERT/CC: VU#101462 // CNVD: CNVD-2013-14082 // VULHUB: VHN-65705 // BID: 63271 // JVNDB: JVNDB-2013-004831 // CNNVD: CNNVD-201310-513 // NVD: CVE-2013-5703

REFERENCES

url: http://www.kb.cert.org/vuls/id/101462

Trust: 3.1

url: http://cwe.mitre.org/data/definitions/77.html

Trust: 0.8

url: http://www.draytek.com/index.php?option=com_k2&view=item&layout=item&id=2553&itemid=452&lang=en

Trust: 0.8

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5703

Trust: 0.8

url: http://jvn.jp/cert/jvnvu93851007

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5703

Trust: 0.8

sources: CERT/CC: VU#101462 // CNVD: CNVD-2013-14082 // VULHUB: VHN-65705 // JVNDB: JVNDB-2013-004831 // CNNVD: CNNVD-201310-513 // NVD: CVE-2013-5703

CREDITS

Juraj Kosik

Trust: 0.3

sources: BID: 63271

SOURCES

db: CERT/CC, id: VU#101462
db: CNVD, id: CNVD-2013-14082
db: VULHUB, id: VHN-65705
db: BID, id: 63271
db: JVNDB, id: JVNDB-2013-004831
db: CNNVD, id: CNNVD-201310-513
db: NVD, id: CVE-2013-5703

LAST UPDATE DATE

2025-04-11T23:12:49.072000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#101462, date: 2013-10-22T00:00:00
db: CNVD, id: CNVD-2013-14082, date: 2013-10-25T00:00:00
db: VULHUB, id: VHN-65705, date: 2013-10-23T00:00:00
db: BID, id: 63271, date: 2013-10-22T00:00:00
db: JVNDB, id: JVNDB-2013-004831, date: 2013-10-24T00:00:00
db: CNNVD, id: CNNVD-201310-513, date: 2013-10-23T00:00:00
db: NVD, id: CVE-2013-5703, date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: CERT/CC, id: VU#101462, date: 2013-10-22T00:00:00
db: CNVD, id: CNVD-2013-14082, date: 2013-10-25T00:00:00
db: VULHUB, id: VHN-65705, date: 2013-10-22T00:00:00
db: BID, id: 63271, date: 2013-10-22T00:00:00
db: JVNDB, id: JVNDB-2013-004831, date: 2013-10-24T00:00:00
db: CNNVD, id: CNNVD-201310-513, date: 2013-10-23T00:00:00
db: NVD, id: CVE-2013-5703, date: 2013-10-22T22:55:07.347