CVE-2013-6026

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
dlinkdi-524up
-
dlinkdi-604\+
-
dlinkdi-604s
-
dlinkdi-604up
-
dlinkdi-624s
-
dlinkdir-100
-
dlinkdir-120
-
dlinktm-g5240
-
alphanetworksvdsl_asl-55052
-
alphanetworksvdsl_asl-56552
-
planexbrl-04cw
-
planexbrl-04r
-
planexbrl-04ur
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/
http://www.dlink.com/uk/en/support/security
http://www.kb.cert.org/vuls/id/248083
http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/
http://www.dlink.com/uk/en/support/security
http://www.kb.cert.org/vuls/id/248083