Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-7293

The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname.

Published

2014-01-15T16:13:03.757

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-16
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	asus	wl-330nul	-	Yes

References

http://www.kb.cert.org/vuls/id/191750 Third Party Advisory, US Government Resource ([email protected])
http://www.securityfocus.com/bid/64799 ([email protected])
http://www.kb.cert.org/vuls/id/191750 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/64799 (af854a3a-2127-422b-91ae-364da2661108)