What is the severity of CVE-2013-5006?

CVE-2013-5006 is considered a high severity vulnerability due to the exposure of administrative passwords in cleartext.

How do I fix CVE-2013-5006?

To mitigate CVE-2013-5006, it is recommended to update the firmware of affected Western Digital My Net devices to a version that addresses this vulnerability.

What types of devices are affected by CVE-2013-5006?

CVE-2013-5006 affects Western Digital My Net N600, N750, N900, and N900C routers with specified firmware versions.

What kind of attack can be executed due to CVE-2013-5006?

CVE-2013-5006 allows remote attackers to retrieve cleartext administrative passwords, facilitating unauthorized access to the device.

Is CVE-2013-5006 a network vulnerability?

Yes, CVE-2013-5006 is a network vulnerability as it exposes sensitive information that can be exploited remotely.

Vulnerability/
CVE-2013-5006

medium

4.3

CWE

255

31/7/2013

6/8/2024

CVE-2013-5006

First published: Wed Jul 31 2013(Updated: )

main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the "var pass=" line within the HTML source code.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Westerndigital My Net N900
Westerndigital My Net N900c
Westerndigital My Net N750

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-5006?
CVE-2013-5006 is considered a high severity vulnerability due to the exposure of administrative passwords in cleartext.
How do I fix CVE-2013-5006?
To mitigate CVE-2013-5006, it is recommended to update the firmware of affected Western Digital My Net devices to a version that addresses this vulnerability.
What types of devices are affected by CVE-2013-5006?
CVE-2013-5006 affects Western Digital My Net N600, N750, N900, and N900C routers with specified firmware versions.
What kind of attack can be executed due to CVE-2013-5006?
CVE-2013-5006 allows remote attackers to retrieve cleartext administrative passwords, facilitating unauthorized access to the device.
Is CVE-2013-5006 a network vulnerability?
Yes, CVE-2013-5006 is a network vulnerability as it exposes sensitive information that can be exploited remotely.

collector/nvd-index
agent/references
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/first-publish-date
agent/description
agent/event
agent/tags
agent/source
vendor/westerndigital
canonical/westerndigital my net n900
canonical/westerndigital my net n900c
canonical/westerndigital my net n750

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2013-5006?
CVE-2013-5006 is considered a high severity vulnerability due to the exposure of administrative passwords in cleartext.
How do I fix CVE-2013-5006?
To mitigate CVE-2013-5006, it is recommended to update the firmware of affected Western Digital My Net devices to a version that addresses this vulnerability.
What types of devices are affected by CVE-2013-5006?
CVE-2013-5006 affects Western Digital My Net N600, N750, N900, and N900C routers with specified firmware versions.
What kind of attack can be executed due to CVE-2013-5006?
CVE-2013-5006 allows remote attackers to retrieve cleartext administrative passwords, facilitating unauthorized access to the device.
Is CVE-2013-5006 a network vulnerability?
Yes, CVE-2013-5006 is a network vulnerability as it exposes sensitive information that can be exploited remotely.