ID
VAR-201311-0241
CVE
CVE-2013-6918
TITLE
Satechi Smart Travel Router Web Management Console Remote Authentication Bypass Vulnerability
Trust: 0.9
DESCRIPTION
The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" setting, which allows remote attackers to bypass intended access restrictions via HTTP requests. The Satechi Smart Travel Router is a wireless router device. A remote attacker can bypass the access restriction control device by submitting an HTTP request. Satechi Travel Router is a portable router product of American Satechi Company that includes standard international plug adapters, USB chargers and WiFi (802.11b/g/n) routers
Trust: 2.61
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | satechi | model: | smart travel router | scope: | eq | version: | 1.5 | Trust: 3.0 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-264 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
permissions and access control
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Satechi Smart Travel Router | url: | http://www.satechi.net/index.php/satechi-smart-travel-router | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2013-6918 | Trust: 3.5 |
| db: | BID | id: | 64030 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2013-005332 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201311-480 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2013-14852 | Trust: 0.6 |
| db: | BUGTRAQ | id: | 20131122 UNAUTHORIZED CONSOLE ACCESS ON SATECHI TRAVEL ROUTER V1.5 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-66920 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2013-6918 | Trust: 0.1 |
REFERENCES
| url: | http://archives.neohapsis.com/archives/bugtraq/2013-11/0123.html | Trust: 3.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6918 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6918 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/264.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
| url: | https://www.securityfocus.com/bid/64030 | Trust: 0.1 |
CREDITS
Luc Dore
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2013-14852 |
| db: | VULHUB | id: | VHN-66920 |
| db: | VULMON | id: | CVE-2013-6918 |
| db: | BID | id: | 64030 |
| db: | JVNDB | id: | JVNDB-2013-005332 |
| db: | CNNVD | id: | CNNVD-201311-480 |
| db: | NVD | id: | CVE-2013-6918 |
LAST UPDATE DATE
2025-04-11T23:10:35.165000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2013-14852 | date: | 2013-12-04T00:00:00 |
| db: | VULHUB | id: | VHN-66920 | date: | 2014-03-05T00:00:00 |
| db: | VULMON | id: | CVE-2013-6918 | date: | 2014-03-05T00:00:00 |
| db: | BID | id: | 64030 | date: | 2013-12-02T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-005332 | date: | 2013-12-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201311-480 | date: | 2013-12-06T00:00:00 |
| db: | NVD | id: | CVE-2013-6918 | date: | 2025-04-11T00:51:21.963 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2013-14852 | date: | 2013-12-04T00:00:00 |
| db: | VULHUB | id: | VHN-66920 | date: | 2013-11-30T00:00:00 |
| db: | VULMON | id: | CVE-2013-6918 | date: | 2013-11-30T00:00:00 |
| db: | BID | id: | 64030 | date: | 2013-12-02T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-005332 | date: | 2013-12-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201311-480 | date: | 2013-11-30T00:00:00 |
| db: | NVD | id: | CVE-2013-6918 | date: | 2013-11-30T11:43:54.663 |