Lucene search

MitreCVE-2013-3068

HistorySep 29, 2014 - 10:55 p.m.

CVE-2013-3068

2014-09-2922:55:08

CWE-352

mitre

web.nvd.nist.gov

csrf

vulnerability

linksys

wrt310nv2

apply.cgi

remote management ports

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

52.1%

JSON

Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords and modify remote management ports.

Affected configurations

Nvd

Node

ciscolinksys_wrt310n_router_firmwareMatch2.0.0.1

AND

ciscolinksys_wrt350nMatch2.0

VendorProductVersionCPE
ciscolinksys_wrt310n_router_firmware2.0.0.1cpe:/a:cisco:linksys_wrt310n_router_firmware:2.0.0.1:::
ciscolinksys_wrt350n2.0cpe:/h:cisco:linksys_wrt350n:2.0:::

Vendor	Product	Version	CPE
cisco	linksys_wrt310n_router_firmware	2.0.0.1	cpe:/a:cisco:linksys_wrt310n_router_firmware:2.0.0.1:::
cisco	linksys_wrt350n	2.0	cpe:/h:cisco:linksys_wrt350n:2.0:::

References

securityevaluators.com/knowledge/case_studies/routers/linksys_wrt310v2.php

securityevaluators.com/knowledge/case_studies/routers/soho_router_hacks.php

Social References

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

52.1%

JSON

Related for CVE-2013-3068