cvelistv5 - CVE-2013-5620

CVE-2013-5620 (GCVE-0-2013-5620)

Vulnerability from cvelistv5 – Published: 2013-09-17 10:00 – Updated: 2024-09-17 03:48

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2013-09-17T10:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-5620",
    "datePublished": "2013-09-17T10:00:00Z",
    "dateRejected": "2022-10-03T00:00:00",
    "dateReserved": "2013-08-26T00:00:00Z",
    "dateUpdated": "2024-09-17T03:48:43.774Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions\"}]",
      "id": "CVE-2013-5620",
      "lastModified": "2023-11-07T02:16:43.840",
      "published": "2013-09-17T12:04:24.773",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Rejected"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-5620\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-09-17T12:04:24.773\",\"lastModified\":\"2023-11-07T02:16:43.840\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions\"}],\"metrics\":{},\"references\":[]}}"
  }
}

GSD-2013-5620

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions.

Aliases

CVE-2013-5620

Aliases

CVE-2013-5620

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5620",
    "description": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions.",
    "id": "GSD-2013-5620",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2013-5620"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5620"
      ],
      "details": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions.",
      "id": "GSD-2013-5620",
      "modified": "2023-12-13T01:22:21.208153Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-5620",
        "STATE": "REJECT"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions."
          }
        ]
      }
    }
  }
}

FKIE_CVE-2013-5620

Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2023-11-07 02:16

Severity ?

Summary

References

	URL	Tags

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions"
    }
  ],
  "id": "CVE-2013-5620",
  "lastModified": "2023-11-07T02:16:43.840",
  "metrics": {},
  "published": "2013-09-17T12:04:24.773",
  "references": [],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Rejected"
}

VAR-201309-0455

Vulnerability from variot - Updated: 2023-12-18 12:09

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions. Zoom X4 and X5 are ADSL router devices. Multiple Zoom Telephonics devices have information leaks, verification bypasses and SQL injection vulnerabilities that allow remote attackers to exploit these vulnerabilities to gain unauthorized access, obtain sensitive information, and modify and access device data. Multiple Zoom Telephonics devices are prone to an information-disclosure vulnerability, multiple authentication bypass vulnerabilities and an SQL-injection vulnerability. They were first reported on June 28th, 2013 and partial disclosure was made on July 9, 2013.

----------------------------------------------------------------------------------------------------------------

Directory Traversal/Unauthenticated access to administrative panels

CVSS Base Score 9.7 Impact Subscore 9.5 Temporal Score: 8.3 (AV:N/AC:L/Au:N/C:P/I:C/A:C/E:F/RL:W/RC:UR/CDP:H/TD:H/CR:ND/IR:ND/AR:ND) CWE-22: Improper Limitation of a Pathname to a Restricted Directory

CVE-2013-5622 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X 3.2 CVE-2013-5627 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X 3.0.X CVE-2013-5624 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X 3.0.X

By simply placing the following two URLs into a web browser, a vulnerability will all models and firmware versions allow for bypass of administrative credential challenge. All models and firmware versions can access these pages with no authentication. An un-authenticated user can preform almost all administrative tasks once the authentication is bypassed.

http:///hag/pages/toc.htm (--Menu Banner) http:///hag/pages/toolbox.htm (-Advanced Options Menu)

Improper handling of unexpected characters/data

CVSS Base Score 8.3 Impact Subscore 8.5 Temporal Score: 6.7 (AV:N/AC:M/Au:N/C:P/I:P/A:C/E:POC/RL:W/RC:UR) CWE-241: Improper Handling of Unexpected Data Type

CVE-2013-5623 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X 3.2 CVE-2013-5628 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X 3.0.X CVE-2013-5631 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X 3.0.X CVE-2013-5632 - Zoom ADSL Bridge Modem Model 5715; all firmware versions CVE-2013-5633 - Zoom USB ADSL Modem Model 5510B; all firmware versions

When an unexpected/illegal character is added to the end of any URL which calls a value, such as http:///MainPage?id=25' the browser will immediately redirect the browser to the "System Status" page without authentication, where links to each interface (i.e. eth-0,usb-0,etc) is both selectable whose properties can be edited.

Plain text storage of ISP/PPPoe usernames/passwords

CVSS Base Score 6.8 Impact Subscore 6.4 Temporal Score: 8.6 (AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR) CWE-311: Missing Encryption of Sensitive Data

CVE-2013-5620 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X 3.2 CVE-2013-5626 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X 3.0.X CVE-2013-5629 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X 3.0.X

The following command will display the ISP usernames and passwords. (The print value may vary slightly based on firmware.)

Proof of Concept curl -s http:///MainPage?id=25 |egrep -i 'MacWanPasswd'|awk '{ print $8 }' value="wanpasswd1" ('or similar')

curl -s http:///MainPage?id=25 |egrep -i 'MacWanUsrName'|awk '{ print $21 }' value="user@usersisp.net" ('or similar')

Unauthenticated direct execution of administrative tasks

CVSS Base Score 10.0 Impact Subscore 10.0 Temporal Score: 8.6 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:W/RC:UR/CDP:H/TD:H/CR:ND/IR:ND/AR:ND) CWE-285: Improper Authorization

CVE-2013-5621 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X CVE-2013-5625 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X CVE-2013-5630 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X

Administrative authentication can be bypassed and commands directly executed with specially crafted commands.

Proofs of Concept -

Create New Acct Admin or Intermediate - (all PW and admin names are 'or similar')

http:///hag/emweb/PopOutUserAdd.htm?id=70&user_id="newintermediateaccount"&priv=v2&pass1="123456"&pass2="123456"&cmdSubmit=Save+Changes

Clear Logs

http:///Action?id=76&cmdClear+Log=Clear+Log

Fixes/Patches: There are no known patches or fixes for these vulnerabilities at this time.

Workaround: It is advised to turn off all remote administrative access to the router. This workaround however, will not prevent local attacks.

External Links http://www.osvdb.org/show/osvdb/95071 http://xforce.iss.net/xforce/xfdb/85612 http://www.idappcom.com/db/?7819

Vendor Links http://www.zoomtel.com/products/5715.html http://www.zoomtel.com/graphics/datasheets/adsl/USB_3104_5510B.pdf http://www.zoomtel.com/products/adsl_overview.html http://www.zoomtel.com/products/5760.html http://www.zoomtel.com/products/5751.html http://www.zoomtel.com/products/5754.html

Discovered - 06-28-2013 Updated - 09/01/2013 Research Contact - K Lovett Affiliation - QuattroSG

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201309-0455",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adsl modem and router",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "zoom telephonics",
        "version": "x5"
      },
      {
        "model": "adsl modem and router",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "zoom telephonics",
        "version": "x4"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Kyle Lovett",
    "sources": [
      {
        "db": "BID",
        "id": "61044"
      },
      {
        "db": "PACKETSTORM",
        "id": "123053"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ],
    "trust": 1.0
  },
  "cve": "CVE-2013-5620",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-09590",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2013-09590",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA.  Notes: The posting will later have IDs assigned in accordance with CVE content decisions. Zoom X4 and X5 are ADSL router devices. Multiple Zoom Telephonics devices have information leaks, verification bypasses and SQL injection vulnerabilities that allow remote attackers to exploit these vulnerabilities to gain unauthorized access, obtain sensitive information, and modify and access device data. Multiple Zoom Telephonics devices are prone to an information-disclosure vulnerability, multiple  authentication bypass vulnerabilities and an SQL-injection vulnerability. They were first reported on June 28th, 2013 and\npartial disclosure was made on July 9, 2013. \n\n----------------------------------------------------------------------------------------------------------------\n----------------------------------------------------------------------------------------------------------------\n\nDirectory Traversal/Unauthenticated access to administrative panels\n\nCVSS Base Score 9.7\nImpact Subscore 9.5\nTemporal Score: 8.3\n(AV:N/AC:L/Au:N/C:P/I:C/A:C/E:F/RL:W/RC:UR/CDP:H/TD:H/CR:ND/IR:ND/AR:ND)\nCWE-22: Improper Limitation of a Pathname to a Restricted Directory\n\nCVE-2013-5622 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X\n2.2.X 2.5.X 3.2\nCVE-2013-5627 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X 3.0.X\nCVE-2013-5624 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X\n2.2.X 2.5.X 3.0.X\n\n\nBy simply placing the following two URLs into a web browser, a\nvulnerability will all models and firmware versions allow for bypass\nof administrative credential challenge. All models and firmware\nversions can access these pages with no authentication. An\nun-authenticated user can preform almost all administrative tasks once\nthe authentication is bypassed. \n\nhttp://\u003cIP\u003e/hag/pages/toc.htm (--Menu Banner)\nhttp://\u003cIP\u003e/hag/pages/toolbox.htm (-Advanced Options Menu)\n\n\n----------------------------------------------------------------------------------------------------------------\n\n\nImproper handling of unexpected characters/data\n\nCVSS Base Score 8.3\nImpact Subscore 8.5\nTemporal Score: 6.7\n(AV:N/AC:M/Au:N/C:P/I:P/A:C/E:POC/RL:W/RC:UR)\nCWE-241: Improper Handling of Unexpected Data Type\n\nCVE-2013-5623 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X\n2.2.X 2.5.X 3.2\nCVE-2013-5628 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X 3.0.X\nCVE-2013-5631 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X\n2.2.X 2.5.X 3.0.X\nCVE-2013-5632 - Zoom ADSL Bridge Modem Model 5715; all firmware versions\nCVE-2013-5633 - Zoom USB ADSL Modem Model 5510B; all firmware versions\n\nWhen an unexpected/illegal character is added to the end of any URL\nwhich calls a value, such as http://\u003cIP\u003e/MainPage?id=25\u0027 the browser\nwill immediately redirect the browser to the \"System Status\" page\nwithout authentication, where links to each interface (i.e. \neth-0,usb-0,etc) is both selectable whose properties can be edited. \n\n\n----------------------------------------------------------------------------------------------------------------\n\nPlain text storage of ISP/PPPoe usernames/passwords\n\nCVSS Base Score 6.8\nImpact Subscore 6.4\nTemporal Score: 8.6\n(AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR)\nCWE-311: Missing Encryption of Sensitive Data\n\nCVE-2013-5620 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X\n2.2.X 2.5.X 3.2\nCVE-2013-5626 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X 3.0.X\nCVE-2013-5629 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X\n2.2.X 2.5.X 3.0.X\n\nThe following command will display the ISP usernames and passwords. \n(The print value may vary slightly based on firmware.)\n\nProof of Concept\ncurl -s http://\u003cIP\u003e/MainPage?id=25 |egrep -i \u0027MacWanPasswd\u0027|awk \u0027{ print $8 }\u0027\n   value=\"wanpasswd1\" (\u0027or similar\u0027)\n\ncurl -s http://\u003cIP\u003e/MainPage?id=25 |egrep -i \u0027MacWanUsrName\u0027|awk \u0027{ print $21 }\u0027\n   value=\"user@usersisp.net\" (\u0027or similar\u0027)\n\n\n----------------------------------------------------------------------------------------------------------------\n\nUnauthenticated direct execution of administrative tasks\n\nCVSS Base Score 10.0\nImpact Subscore 10.0\nTemporal Score: 8.6\n(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:W/RC:UR/CDP:H/TD:H/CR:ND/IR:ND/AR:ND)\nCWE-285: Improper Authorization\n\nCVE-2013-5621 - Zoom X3 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X\nCVE-2013-5625 - Zoom X4 ADSL Modem Firmware 1.0.X 2.0.X 2.1.X 2.5.X\nCVE-2013-5630 - Zoom X5 ADSL Modem Firmware 1.0.X 1.1.X 2.0.X 2.1.X 2.2.X 2.5.X\n\nAdministrative authentication can be bypassed and commands directly\nexecuted with specially crafted commands. \n\nProofs of Concept -\n\nCreate New Acct Admin or Intermediate - (all PW and admin names are\n\u0027or similar\u0027)\n\nhttp://\u003cIP\u003e/hag/emweb/PopOutUserAdd.htm?id=70\u0026user_id=\"newintermediateaccount\"\u0026priv=v2\u0026pass1=\"123456\"\u0026pass2=\"123456\"\u0026cmdSubmit=Save+Changes\n\n\nClear Logs\n\nhttp://\u003cIP\u003e/Action?id=76\u0026cmdClear+Log=Clear+Log\n\n----------------------------------------------------------------------------------------------------------------\n\nFixes/Patches:\nThere are no known patches or fixes for these vulnerabilities at this time. \n\n\nWorkaround:\nIt is advised to turn off all remote administrative access to the\nrouter. This workaround however, will not prevent local attacks. \n\n----------------------------------------------------------------------------------------------------------------\n\nExternal Links\nhttp://www.osvdb.org/show/osvdb/95071\nhttp://xforce.iss.net/xforce/xfdb/85612\nhttp://www.idappcom.com/db/?7819\n\n\nVendor Links\nhttp://www.zoomtel.com/products/5715.html\nhttp://www.zoomtel.com/graphics/datasheets/adsl/USB_3104_5510B.pdf\nhttp://www.zoomtel.com/products/adsl_overview.html\nhttp://www.zoomtel.com/products/5760.html\nhttp://www.zoomtel.com/products/5751.html\nhttp://www.zoomtel.com/products/5754.html\n\n\nDiscovered - 06-28-2013\nUpdated - 09/01/2013\nResearch Contact - K Lovett\nAffiliation - QuattroSG\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5620"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      },
      {
        "db": "BID",
        "id": "61044"
      },
      {
        "db": "PACKETSTORM",
        "id": "123053"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-5620",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "61044",
        "trust": 1.5
      },
      {
        "db": "EXPLOIT-DB",
        "id": "26736",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "85612",
        "trust": 0.1
      },
      {
        "db": "OSVDB",
        "id": "95071",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "123053",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      },
      {
        "db": "BID",
        "id": "61044"
      },
      {
        "db": "PACKETSTORM",
        "id": "123053"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5620"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ]
  },
  "id": "VAR-201309-0455",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:09:03.051000Z",
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 0.6,
        "url": "http://www.exploit-db.com/exploits/26736/"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/61044"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5623"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5620"
      },
      {
        "trust": 0.1,
        "url": "http://www.zoomtel.com/products/5754.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5627"
      },
      {
        "trust": 0.1,
        "url": "http://xforce.iss.net/xforce/xfdb/85612"
      },
      {
        "trust": 0.1,
        "url": "http://www.zoomtel.com/products/5715.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5625"
      },
      {
        "trust": 0.1,
        "url": "http://\u003cip\u003e/hag/pages/toc.htm"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5630"
      },
      {
        "trust": 0.1,
        "url": "http://www.zoomtel.com/products/5760.html"
      },
      {
        "trust": 0.1,
        "url": "http://\u003cip\u003e/mainpage?id=25\u0027"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5626"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5629"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5621"
      },
      {
        "trust": 0.1,
        "url": "http://www.osvdb.org/show/osvdb/95071"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5628"
      },
      {
        "trust": 0.1,
        "url": "http://\u003cip\u003e/action?id=76\u0026cmdclear+log=clear+log"
      },
      {
        "trust": 0.1,
        "url": "http://www.zoomtel.com/products/adsl_overview.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5632"
      },
      {
        "trust": 0.1,
        "url": "http://www.zoomtel.com/graphics/datasheets/adsl/usb_3104_5510b.pdf"
      },
      {
        "trust": 0.1,
        "url": "http://\u003cip\u003e/hag/pages/toolbox.htm"
      },
      {
        "trust": 0.1,
        "url": "http://www.zoomtel.com/products/5751.html"
      },
      {
        "trust": 0.1,
        "url": "http://\u003cip\u003e/mainpage?id=25"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5631"
      },
      {
        "trust": 0.1,
        "url": "http://www.idappcom.com/db/?7819"
      },
      {
        "trust": 0.1,
        "url": "http://\u003cip\u003e/hag/emweb/popoutuseradd.htm?id=70\u0026user_id=\"newintermediateaccount\"\u0026priv=v2\u0026pass1=\"123456\"\u0026pass2=\"123456\"\u0026cmdsubmit=save+changes"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5622"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5633"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5624"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      },
      {
        "db": "PACKETSTORM",
        "id": "123053"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      },
      {
        "db": "BID",
        "id": "61044"
      },
      {
        "db": "PACKETSTORM",
        "id": "123053"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5620"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-07-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      },
      {
        "date": "2013-07-09T00:00:00",
        "db": "BID",
        "id": "61044"
      },
      {
        "date": "2013-09-02T19:12:00",
        "db": "PACKETSTORM",
        "id": "123053"
      },
      {
        "date": "2013-09-17T12:04:24.773000",
        "db": "NVD",
        "id": "CVE-2013-5620"
      },
      {
        "date": "2013-07-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-07-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      },
      {
        "date": "2013-09-03T00:11:00",
        "db": "BID",
        "id": "61044"
      },
      {
        "date": "2023-11-07T02:16:43.840000",
        "db": "NVD",
        "id": "CVE-2013-5620"
      },
      {
        "date": "2013-09-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple vulnerabilities in multiple Zoom Telephonics devices",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-09590"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-225"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-5620 (GCVE-0-2013-5620)

GSD-2013-5620

FKIE_CVE-2013-5620

VAR-201309-0455

----------------------------------------------------------------------------------------------------------------

Tags

Sightings

Nomenclature