Vulnerabilites related to asus - rt-n10e_firmware
Vulnerability from fkie_nvd
Published
2014-04-22 13:06
Modified
2025-04-12 10:46
Severity ?
Summary
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
References
cve@mitre.orghttp://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Apr/225
cve@mitre.orghttp://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
cve@mitre.orghttps://support.t-mobile.com/docs/DOC-21994
af854a3a-2127-422b-91ae-364da2661108http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Apr/225
af854a3a-2127-422b-91ae-364da2661108http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
af854a3a-2127-422b-91ae-364da2661108https://support.t-mobile.com/docs/DOC-21994
Impacted products
Vendor Product Version
asus rt-ac66u_firmware 3.0.0.4.140
asus rt-ac66u_firmware 3.0.0.4.220
asus rt-ac66u_firmware 3.0.0.4.246
asus rt-ac66u_firmware 3.0.0.4.260
asus rt-ac66u_firmware 3.0.0.4.270
asus rt-ac66u_firmware 3.0.0.4.354
asus rt-ac68u_firmware 3.0.0.4.374.4755
asus rt-ac68u_firmware 3.0.0.4.374_4561
asus rt-ac68u_firmware 3.0.0.4.374_4887
asus rt-n10e_firmware 2.0.0.7
asus rt-n10e_firmware 2.0.0.10
asus rt-n10e_firmware 2.0.0.16
asus rt-n10e_firmware 2.0.0.19
asus rt-n10e_firmware 2.0.0.20
asus rt-n10e_firmware 2.0.0.24
asus rt-n10e_firmware 2.0.0.25
asus rt-n14u_firmware 3.0.0.4.322
asus rt-n14u_firmware 3.0.0.4.356
asus rt-n16_firmware 1.0.1.9
asus rt-n16_firmware 1.0.2.3
asus rt-n16_firmware 3.0.0.3.108
asus rt-n16_firmware 3.0.0.3.162
asus rt-n16_firmware 3.0.0.3.178
asus rt-n16_firmware 3.0.0.4.220
asus rt-n16_firmware 3.0.0.4.246
asus rt-n16_firmware 3.0.0.4.260
asus rt-n16_firmware 3.0.0.4.354
asus rt-n16_firmware 7.0.2.38b
asus rt-n56u_firmware 1.0.1.4
asus rt-n56u_firmware 1.0.1.4o
asus rt-n56u_firmware 1.0.1.7c
asus rt-n56u_firmware 1.0.1.7f
asus rt-n56u_firmware 1.0.1.8j
asus rt-n56u_firmware 1.0.1.8l
asus rt-n56u_firmware 1.0.1.8n
asus rt-n56u_firmware 3.0.0.4.318
asus rt-n56u_firmware 3.0.0.4.334
asus rt-n56u_firmware 3.0.0.4.342
asus rt-n56u_firmware 3.0.0.4.360
asus rt-n56u_firmware 7.0.1.21
asus rt-n56u_firmware 7.0.1.32
asus rt-n56u_firmware 8.1.1.4
asus rt-n65u_firmware 3.0.0.3.134
asus rt-n65u_firmware 3.0.0.3.176
asus rt-n65u_firmware 3.0.0.4.260
asus rt-n65u_firmware 3.0.0.4.334
asus rt-n65u_firmware 3.0.0.4.342
asus rt-n65u_firmware 3.0.0.4.346
asus rt-n66u_firmware 3.0.0.4.272
asus rt-n66u_firmware 3.0.0.4.370
asus rt-ac68u -
t-mobile tm-ac1900 3.0.0.4.376_3169


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.140:*:*:*:*:*:*:*",
                     matchCriteriaId: "A946A449-7623-48FE-878A-E17DA2F41A11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.220:*:*:*:*:*:*:*",
                     matchCriteriaId: "A023852A-84B7-4937-886D-8893CD778DDF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.246:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDB8B4AB-0EF4-4963-AE20-F4F1C3ABFC26",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
                     matchCriteriaId: "553DE051-C59F-4B16-A733-C2055B14DB1E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.270:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE944A-EF53-4F57-8A86-7DE209F00D17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.354:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AE0E4E9-B08F-4DB3-A5D5-DBCDA81E4200",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755:*:*:*:*:*:*:*",
                     matchCriteriaId: "536FCD9A-4DBA-465D-8FE8-9E9D815BAB81",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E3E3F39-1F5A-4AE5-A379-3344BFC1E00D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887:*:*:*:*:*:*:*",
                     matchCriteriaId: "753D3C81-F078-47B9-8D0B-822EBE9443AE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEB012B3-5C57-4310-8F1A-208D2E470A6C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F1D15BC-D83F-4949-863B-817FA2A0A23D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.16:*:*:*:*:*:*:*",
                     matchCriteriaId: "0ACDCE11-5422-4AB1-AC89-3C3DF05FDE1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.19:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C7607C5-EF0C-40FA-BADA-2316BA4A5E41",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "340D98A2-2018-4A24-B654-3A7032FCE518",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.24:*:*:*:*:*:*:*",
                     matchCriteriaId: "94999CA4-A60A-4F1E-8933-2CB1CA9D83A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "132C4DDD-5914-47E0-BDBA-E918E7F0E747",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.322:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7A0A4C1-226A-42D5-A728-CBB7D2B02A50",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.356:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A04943B-0627-4B6D-A01A-3722F7025723",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:1.0.1.9:*:*:*:*:*:*:*",
                     matchCriteriaId: "C76611FB-9811-48E5-8F16-824A15CFC226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:1.0.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6887911A-9CD0-419C-AE2E-932F8AD179DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.108:*:*:*:*:*:*:*",
                     matchCriteriaId: "65D943A4-CD5D-4381-8C4F-FF4FC600F226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.162:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AA3CD4B-B518-459B-AFF5-CCFF47D3BAEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.178:*:*:*:*:*:*:*",
                     matchCriteriaId: "939D788D-BFF7-4DEB-8C47-751532E4AC36",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.220:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF6BBB0E-D69B-4854-8A5C-D6C20ABB857E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.246:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C1CCB22-3D8D-4618-819B-2EA14C42A4C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
                     matchCriteriaId: "715FFC31-33A1-469E-BF65-4749F6643EEF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.354:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1A3AFBC-A89F-4037-B863-55F7791A3635",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n16_firmware:7.0.2.38b:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0EAF76-C2F8-4AD5-BF3D-0922DEED7B46",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D8E3CB7-1ADA-428C-881F-BB266991F39D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o:*:*:*:*:*:*:*",
                     matchCriteriaId: "699F6C57-F1AE-4AF5-BF56-529D41C91068",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c:*:*:*:*:*:*:*",
                     matchCriteriaId: "F17E0B8C-7BA1-4FC5-84EC-4FFC87A9AC12",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f:*:*:*:*:*:*:*",
                     matchCriteriaId: "69C68ABB-391D-45D8-9250-D93F8BFE305C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1FDDF9C-4C30-4AAC-9449-7404181071B9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DE8F24A-837B-4198-B8F6-E42386D2F524",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n:*:*:*:*:*:*:*",
                     matchCriteriaId: "14A9D580-ACD6-4F2F-9322-E6B4C72C8BE9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2660735-2247-42D9-9BAA-D785D18E6F51",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.334:*:*:*:*:*:*:*",
                     matchCriteriaId: "401BB537-95FB-4BFB-BC40-CD73817D7E9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.342:*:*:*:*:*:*:*",
                     matchCriteriaId: "04A7CA72-DFAD-4E9A-BB3E-EAE9973C19C7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.360:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3C65A6B-4F24-4DFE-B478-49BEE4A5FC65",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.21:*:*:*:*:*:*:*",
                     matchCriteriaId: "64BCA764-5BAD-4CAB-B39F-A1D67E44EDA9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.32:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CF40558-B7F8-4A2B-9819-EE3DD2C183AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n56u_firmware:8.1.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F70D82C1-764C-4DF0-B296-964602D0EC54",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.134:*:*:*:*:*:*:*",
                     matchCriteriaId: "02E9974C-F3E1-4145-865F-974982804823",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.176:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3979CD4-DFBC-460C-8E92-879F7C355D52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
                     matchCriteriaId: "1EA3F63E-F4FA-4066-AEA0-B1149E4B1190",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.334:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E9A77E0-1CC3-4E07-B99A-8DC750C982F8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.342:*:*:*:*:*:*:*",
                     matchCriteriaId: "642056A2-9B4E-465C-8333-392C70D658AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.346:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E68C357-45E5-4086-9697-A9DD75E22063",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272:*:*:*:*:*:*:*",
                     matchCriteriaId: "82C3DA99-69D6-4C2D-B485-7785EEDA38F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.370:*:*:*:*:*:*:*",
                     matchCriteriaId: "16CE2D06-AFAB-4284-9C63-A088F4ACEBAB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*",
                     matchCriteriaId: "919D9673-1FCA-431D-9F30-643AAEFAC1DA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.",
      },
      {
         lang: "es",
         value: "Advanced_System_Content.asp en routers de la serie ASUS RT con firmware anterior a 3.0.0.4.374.5517, cuando una sesión de administrador está activa, permite a usuarios remotos autenticados obtener el nombre de usuario y contraseña del administrador mediante la lectura del código fuente.",
      },
   ],
   id: "CVE-2014-2719",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 6.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:S/C:C/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-04-22T13:06:29.493",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://seclists.org/fulldisclosure/2014/Apr/225",
      },
      {
         source: "cve@mitre.org",
         url: "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
      },
      {
         source: "cve@mitre.org",
         url: "https://support.t-mobile.com/docs/DOC-21994",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://seclists.org/fulldisclosure/2014/Apr/225",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.t-mobile.com/docs/DOC-21994",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-200",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2013-10-05 10:55
Modified
2025-04-11 00:51
Severity ?
Summary
qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.
References
cret@cert.orghttp://www.kb.cert.org/vuls/id/984366US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/984366US Government Resource
Impacted products
Vendor Product Version
asus rt-n10e_firmware *
asus rt-n10e_firmware 2.0.0.7
asus rt-n10e_firmware 2.0.0.10
asus rt-n10e_firmware 2.0.0.16
asus rt-n10e_firmware 2.0.0.19
asus rt-n10e_firmware 2.0.0.20
asus rt-n10e -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5653E47A-FE04-45F5-9218-021C10B7FD45",
                     versionEndIncluding: "2.0.0.24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEB012B3-5C57-4310-8F1A-208D2E470A6C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F1D15BC-D83F-4949-863B-817FA2A0A23D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.16:*:*:*:*:*:*:*",
                     matchCriteriaId: "0ACDCE11-5422-4AB1-AC89-3C3DF05FDE1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.19:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C7607C5-EF0C-40FA-BADA-2316BA4A5E41",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "340D98A2-2018-4A24-B654-3A7032FCE518",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.",
      },
      {
         lang: "es",
         value: "qis/QIS_finish.htm en el router ASUS RT-N10E con firmware anterior a la versión 2.0.0.25 no requiere autenticación, lo que permite a atacantes remotos descubrir la contraseña de administrador a través de una petición directa.",
      },
   ],
   id: "CVE-2013-3610",
   lastModified: "2025-04-11T00:51:21.963",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:C/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2013-10-05T10:55:03.493",
   references: [
      {
         source: "cret@cert.org",
         tags: [
            "US Government Resource",
         ],
         url: "http://www.kb.cert.org/vuls/id/984366",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "US Government Resource",
         ],
         url: "http://www.kb.cert.org/vuls/id/984366",
      },
   ],
   sourceIdentifier: "cret@cert.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-287",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

CVE-2014-2719 (GCVE-0-2014-2719)
Vulnerability from cvelistv5
Published
2014-04-21 14:00
Modified
2024-08-06 10:21
Severity ?
Summary
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
References
http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.htmlx_refsource_MISC
http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2014/Apr/225mailing-list, x_refsource_FULLDISC
https://support.t-mobile.com/docs/DOC-21994x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:21:36.055Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
               },
               {
                  name: "20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2014/Apr/225",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.t-mobile.com/docs/DOC-21994",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-04-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2015-09-16T13:57:02",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
            },
            {
               name: "20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://seclists.org/fulldisclosure/2014/Apr/225",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.t-mobile.com/docs/DOC-21994",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2014-2719",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
                     refsource: "MISC",
                     url: "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
                  },
                  {
                     name: "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
                     refsource: "CONFIRM",
                     url: "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
                  },
                  {
                     name: "20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517",
                     refsource: "FULLDISC",
                     url: "http://seclists.org/fulldisclosure/2014/Apr/225",
                  },
                  {
                     name: "https://support.t-mobile.com/docs/DOC-21994",
                     refsource: "CONFIRM",
                     url: "https://support.t-mobile.com/docs/DOC-21994",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2014-2719",
      datePublished: "2014-04-21T14:00:00",
      dateReserved: "2014-04-01T00:00:00",
      dateUpdated: "2024-08-06T10:21:36.055Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2013-3610 (GCVE-0-2013-3610)
Vulnerability from cvelistv5
Published
2013-10-05 10:00
Modified
2024-09-16 17:43
Severity ?
Summary
qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.
References
http://www.kb.cert.org/vuls/id/984366third-party-advisory, x_refsource_CERT-VN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T16:14:56.550Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "VU#984366",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/984366",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2013-10-05T10:00:00Z",
            orgId: "37e5125f-f79b-445b-8fad-9564f167944b",
            shortName: "certcc",
         },
         references: [
            {
               name: "VU#984366",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/984366",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cert@cert.org",
               ID: "CVE-2013-3610",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "VU#984366",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/984366",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b",
      assignerShortName: "certcc",
      cveId: "CVE-2013-3610",
      datePublished: "2013-10-05T10:00:00Z",
      dateReserved: "2013-05-21T00:00:00Z",
      dateUpdated: "2024-09-16T17:43:00.942Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}