CVE-2013-6026
Last modified
CVE-2013-6026 is a vulnerability of currently unknown severity. The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.. EPSS estimates a 7.68% chance of exploitation in the next 30 days.
Description
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Di-524up | All versions |
| Dlink | Di-604\+ | All versions |
| Dlink | Di-604s | All versions |
| Dlink | Di-604up | All versions |
| Dlink | Di-624s | All versions |
| Dlink | Dir-100 | All versions |
| Dlink | Dir-120 | All versions |
| Dlink | Tm-G5240 | All versions |
| Alphanetworks | Vdsl Asl-55052 | All versions |
| Alphanetworks | Vdsl Asl-56552 | All versions |
| Planex | Brl-04cw | All versions |
| Planex | Brl-04r | All versions |
| Planex | Brl-04ur | All versions |
References
- http://www.kb.cert.org/vuls/id/248083US Government Resource
- http://www.kb.cert.org/vuls/id/248083US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-6026?
How severe is CVE-2013-6026?
How do I fix CVE-2013-6026?
Are you affected by CVE-2013-6026?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST