Details of VAR-201609-0692

ID

VAR-201609-0692

TITLE

ASUS RT-N10E Code Execution Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-07614

DESCRIPTION

ASUSRT-N10EWirelessRouter is a wireless router device developed by ASUS. ASUSRT-N10E has a code execution vulnerability. An attacker can exploit a vulnerability in a partial system command to possibly execute a system command. The code can also be executed by a cross-site request forgery attack.

Trust: 0.6

sources: CNVD: CNVD-2016-07614

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-07614

AFFECTED PRODUCTS

vendor:

asus

model:

rt-n10 with

scope:

version:

1.9.2.7

Trust: 0.6

sources: CNVD: CNVD-2016-07614

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-07614
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2016-07614
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-07614

EXTERNAL IDS

db:

CNVD

id:

CNVD-2016-07614

Trust: 0.6

sources: CNVD: CNVD-2016-07614

REFERENCES

url:

http://seclists.org/fulldisclosure/2016/sep/36

Trust: 0.6

sources: CNVD: CNVD-2016-07614

SOURCES

db:

CNVD

id:

CNVD-2016-07614

LAST UPDATE DATE

2022-05-04T09:11:46.604000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-07614

date:

2016-09-18T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-07614

date:

2016-09-18T00:00:00