Search criteria
9 vulnerabilities found for n300 by belkin
VAR-201409-0054
Vulnerability from variot - Updated: 2025-04-13 23:32Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration. Belkin N300 Wi-Fi N is a wireless router product from Belkin. Attackers can use security bypass vulnerabilities, bypass specific security restrictions, and perform certain specific unauthorized operations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "n300",
"scope": "eq",
"trust": 2.4,
"vendor": "belkin",
"version": "1.00.06"
},
{
"model": "n300",
"scope": "eq",
"trust": 1.0,
"vendor": "belkin",
"version": null
},
{
"model": "n300 wi-fi n router",
"scope": "eq",
"trust": 0.8,
"vendor": "belkin",
"version": "(f7d7301v1)"
},
{
"model": "n300 wi-fi n router",
"scope": "eq",
"trust": 0.6,
"vendor": "belkin",
"version": "1.00.06"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:belkin:n300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:belkin:n300",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Holcomb of Independent Security Evaluators.",
"sources": [
{
"db": "BID",
"id": "59492"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-559"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3089",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2013-3089",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.4,
"id": "CNVD-2013-04023",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-63091",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3089",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-3089",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-04023",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-564",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-63091",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "VULHUB",
"id": "VHN-63091"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration. Belkin N300 Wi-Fi N is a wireless router product from Belkin. Attackers can use security bypass vulnerabilities, bypass specific security restrictions, and perform certain specific unauthorized operations",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3089"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"db": "BID",
"id": "59492"
},
{
"db": "BID",
"id": "59481"
},
{
"db": "VULHUB",
"id": "VHN-63091"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3089",
"trust": 3.4
},
{
"db": "BID",
"id": "59492",
"trust": 0.9
},
{
"db": "BID",
"id": "59481",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-04023",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-559",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-63091",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "VULHUB",
"id": "VHN-63091"
},
{
"db": "BID",
"id": "59492"
},
{
"db": "BID",
"id": "59481"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"id": "VAR-201409-0054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "VULHUB",
"id": "VHN-63091"
}
],
"trust": 1.3666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
}
]
},
"last_update_date": "2025-04-13T23:32:48.617000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "N300 Wi-Fi N Router",
"trust": 0.8,
"url": "http://www.belkin.com/us/support-product?pid=01t80000002wBTUAA2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63091"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"trust": 1.7,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3089"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3089"
},
{
"trust": 0.6,
"url": "http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/"
},
{
"trust": 0.6,
"url": "http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp"
},
{
"trust": 0.6,
"url": "http://securityevaluators.com/content/case-studies/routers/belkin_n900.jsp"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59492"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59481"
},
{
"trust": 0.3,
"url": "http://www.belkin.com/index.asp"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "VULHUB",
"id": "VHN-63091"
},
{
"db": "BID",
"id": "59481"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"db": "VULHUB",
"id": "VHN-63091"
},
{
"db": "BID",
"id": "59492"
},
{
"db": "BID",
"id": "59481"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"date": "2014-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63091"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59492"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59481"
},
{
"date": "2014-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"date": "2014-09-29T22:55:08.427000",
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04023"
},
{
"date": "2014-10-01T00:00:00",
"db": "VULHUB",
"id": "VHN-63091"
},
{
"date": "2013-04-26T15:40:00",
"db": "BID",
"id": "59492"
},
{
"date": "2013-04-26T15:40:00",
"db": "BID",
"id": "59481"
},
{
"date": "2014-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006655"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"date": "2014-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-564"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2013-3089"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-559"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belkin N300 Wi-Fi N Router of apply.cgi Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006655"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-564"
}
],
"trust": 0.6
}
}
VAR-201409-0055
Vulnerability from variot - Updated: 2025-04-13 23:04The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. Belkin N900 And N300 are prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Belkin N300 (F7D7301v1) Router is a broadband wireless router product of Belkin Company of the United States. There is a security vulnerability in the Belkin N300 (F7D7301v1) Router. The vulnerability is caused by the program not correctly verifying the HTTP Authorization header
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0055",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "n300",
"scope": "eq",
"trust": 2.4,
"vendor": "belkin",
"version": "1.00.06"
},
{
"model": "n300",
"scope": "eq",
"trust": 1.0,
"vendor": "belkin",
"version": null
},
{
"model": "n300 wi-fi n router",
"scope": "eq",
"trust": 0.8,
"vendor": "belkin",
"version": "(f7d7301v1)"
},
{
"model": "n900 f9k1104v1",
"scope": "eq",
"trust": 0.3,
"vendor": "belkin",
"version": "1.0.23"
},
{
"model": "n300 f7d7301v1",
"scope": "eq",
"trust": 0.3,
"vendor": "belkin",
"version": "1.00.06"
}
],
"sources": [
{
"db": "BID",
"id": "59499"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:belkin:n300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:belkin:n300",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Holcomb",
"sources": [
{
"db": "BID",
"id": "59499"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3092",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2013-3092",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-3092",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "VHN-63094",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3092",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3092",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-588",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-63094",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63094"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. Belkin N900 And N300 are prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Belkin N300 (F7D7301v1) Router is a broadband wireless router product of Belkin Company of the United States. There is a security vulnerability in the Belkin N300 (F7D7301v1) Router. The vulnerability is caused by the program not correctly verifying the HTTP Authorization header",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3092"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "BID",
"id": "59499"
},
{
"db": "VULHUB",
"id": "VHN-63094"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3092",
"trust": 2.8
},
{
"db": "BID",
"id": "59499",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-63094",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63094"
},
{
"db": "BID",
"id": "59499"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"id": "VAR-201409-0055",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63094"
}
],
"trust": 0.80833335
},
"last_update_date": "2025-04-13T23:04:50.411000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "N300 Wi-Fi N Router",
"trust": 0.8,
"url": "http://www.belkin.com/us/support-product?pid=01t80000002wBTUAA2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63094"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"trust": 1.7,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3092"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3092"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59499"
},
{
"trust": 0.3,
"url": "http://www.belkin.com/index.asp"
},
{
"trust": 0.3,
"url": "http://securityevaluators.com/content/case-studies/routers/belkin_n900.jsp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63094"
},
{
"db": "BID",
"id": "59499"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63094"
},
{
"db": "BID",
"id": "59499"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63094"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59499"
},
{
"date": "2014-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"date": "2014-09-29T22:55:08.473000",
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-01T00:00:00",
"db": "VULHUB",
"id": "VHN-63094"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59499"
},
{
"date": "2014-10-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006656"
},
{
"date": "2014-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-588"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2013-3092"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belkin N300 Wi-Fi N Router Vulnerabilities that bypass authentication",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006656"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-588"
}
],
"trust": 0.6
}
}
VAR-201401-0093
Vulnerability from variot - Updated: 2025-04-11 20:03Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors. The Belkin N300 Wi-Fi N Router is a wireless router device. A cross-site scripting vulnerability exists in the Belkin N300 Wi-Fi N Router that allows remote attackers to exploit vulnerabilities to build malicious URIs, entice users to resolve, gain sensitive information, or hijack user sessions. A web server can use a remote site's FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, "Matt Wright FormMail Remote Command Execution Vulnerability". FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. User supplied data (from the "recipient" hidden field) is passed to a Perl OPEN function without proper input verification, allowing the use of the command separation shell metacharacter (;) to execute arbitrary commands on the remote host. Consequences could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities. The Belkin N300 router is prone to an unspecified cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201401-0093",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "n300",
"scope": "eq",
"trust": 1.6,
"vendor": "belkin",
"version": null
},
{
"model": "n300 wi-fi n router",
"scope": null,
"trust": 0.8,
"vendor": "belkin",
"version": null
},
{
"model": "n300 wi-fi n router",
"scope": "eq",
"trust": 0.6,
"vendor": "belkin",
"version": "1.00.06"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.6,
"vendor": "matt",
"version": "1.0"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.6,
"vendor": "matt",
"version": "1.9"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.8"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.7"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.6"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.5"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.4"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.3"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.2"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.1"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.8"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.7"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.6"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.5"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.4"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.3"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.2"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.1"
},
{
"model": "n300 f7d7301v1",
"scope": "eq",
"trust": 0.3,
"vendor": "belkin",
"version": "1.00.06"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:belkin:n300",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Holcomb of Independent Security Evaluators",
"sources": [
{
"db": "BID",
"id": "59497"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3090",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-3090",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2013-04024",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-63092",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3090",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-3090",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-04024",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-590",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-63092",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "VULHUB",
"id": "VHN-63092"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors. The Belkin N300 Wi-Fi N Router is a wireless router device. A cross-site scripting vulnerability exists in the Belkin N300 Wi-Fi N Router that allows remote attackers to exploit vulnerabilities to build malicious URIs, entice users to resolve, gain sensitive information, or hijack user sessions. \nA web server can use a remote site\u0027s FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, \"Matt Wright FormMail Remote Command Execution Vulnerability\". FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. \nUser supplied data (from the \"recipient\" hidden field) is passed to a Perl OPEN function without proper input verification, allowing the use of the command separation shell metacharacter (;) to execute arbitrary commands on the remote host. Consequences could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities. The Belkin N300 router is prone to an unspecified cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
},
{
"db": "VULHUB",
"id": "VHN-63092"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3090",
"trust": 3.4
},
{
"db": "BID",
"id": "59497",
"trust": 1.0
},
{
"db": "XF",
"id": "300",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-04024",
"trust": 0.6
},
{
"db": "BID",
"id": "2079",
"trust": 0.6
},
{
"db": "XF",
"id": "83837",
"trust": 0.6
},
{
"db": "BID",
"id": "2080",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-63092",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "VULHUB",
"id": "VHN-63092"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"id": "VAR-201401-0093",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "VULHUB",
"id": "VHN-63092"
}
],
"trust": 1.3666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
}
]
},
"last_update_date": "2025-04-11T20:03:13.972000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "N300 Wi-Fi N Router",
"trust": 0.8,
"url": "http://www.belkin.com/us/support-product?pid=01t80000002wBTUAA2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63092"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://securityevaluators.com/content/case-studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 1.1,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"trust": 0.9,
"url": "http://securityevaluators.com/content/case-studies/routers/belkin_n900.jsp"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3090"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3090"
},
{
"trust": 0.8,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 0.6,
"url": "http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/"
},
{
"trust": 0.6,
"url": "http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp"
},
{
"trust": 0.6,
"url": "http://www.worldwidemart.com/scripts/formmail.shtml"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/83837"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59497"
},
{
"trust": 0.3,
"url": "http://xforce.iss.net/static/300.php"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/bid/2079"
},
{
"trust": 0.3,
"url": "http://www.guard.dubna.ru/cgibug.html"
},
{
"trust": 0.3,
"url": "http://www.belkin.com/index.asp"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "VULHUB",
"id": "VHN-63092"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"db": "VULHUB",
"id": "VHN-63092"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"date": "2014-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-63092"
},
{
"date": "1997-01-01T00:00:00",
"db": "BID",
"id": "2080"
},
{
"date": "1995-08-02T00:00:00",
"db": "BID",
"id": "2079"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59497"
},
{
"date": "2014-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"date": "2014-01-30T15:06:22.970000",
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04024"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63092"
},
{
"date": "1997-01-01T00:00:00",
"db": "BID",
"id": "2080"
},
{
"date": "1995-08-02T00:00:00",
"db": "BID",
"id": "2079"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59497"
},
{
"date": "2014-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005962"
},
{
"date": "2014-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-590"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-3090"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belkin N300 Wi-Fi N Router Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005962"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "59497"
}
],
"trust": 0.6
}
}
CVE-2013-3092 (GCVE-0-2013-3092)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3092",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3089 (GCVE-0-2013-3089)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3089",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3090 (GCVE-0-2013-3090)
Vulnerability from nvd – Published: 2014-01-30 15:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "belkin-n300-cve20133090-unspecified-xss(83837)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "belkin-n300-cve20133090-unspecified-xss(83837)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "belkin-n300-cve20133090-unspecified-xss(83837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3090",
"datePublished": "2014-01-30T15:00:00",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3089 (GCVE-0-2013-3089)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3089",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3092 (GCVE-0-2013-3092)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3092",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3090 (GCVE-0-2013-3090)
Vulnerability from cvelistv5 – Published: 2014-01-30 15:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "belkin-n300-cve20133090-unspecified-xss(83837)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "belkin-n300-cve20133090-unspecified-xss(83837)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/content/case-studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "belkin-n300-cve20133090-unspecified-xss(83837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83837"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3090",
"datePublished": "2014-01-30T15:00:00",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}