First published: Mon Apr 21 2014(Updated: )
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ASUS TM-AC1900 | =3.0.0.4.376_3169 | |
ASUS RT-AC68R | =3.0.0.4.374.4755 | |
ASUS RT-AC68R | =3.0.0.4.374_4561 | |
ASUS RT-AC68R | =3.0.0.4.374_4887 | |
ASUS RT-AC68R |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-5948 is considered a high severity vulnerability due to its potential for remote command execution.
To fix CVE-2013-5948, users should update their ASUS RT-AC68U or affected RT series router firmware to version 3.0.0.4.374.5047 or later.
CVE-2013-5948 affects ASUS RT-AC68U and other RT series routers with firmware versions prior to 3.0.0.4.374.5047.
CVE-2013-5948 allows remote authenticated users to execute arbitrary commands through shell metacharacters.
Yes, exploiting CVE-2013-5948 requires remote authenticated access to the router's administrative interface.