Search criteria
8 vulnerabilities found for n300_firmware by belkin
CVE-2022-30105 (GCVE-0-2022-30105)
Vulnerability from nvd – Published: 2022-05-18 15:52 – Updated: 2024-08-03 06:40
VLAI
Summary
In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject a an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exploitee.rs/index.php/Belkin_N300#Re… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject a an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-18T15:52:59.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-30105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject a an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root",
"refsource": "MISC",
"url": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-30105",
"datePublished": "2022-05-18T15:52:59.000Z",
"dateReserved": "2022-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:40:47.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3091 (GCVE-0-2013-3091)
Vulnerability from nvd – Published: 2020-02-07 18:03 – Updated: 2024-08-06 16:00
VLAI
Summary
An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| https://www.ise.io/research/studies-and-papers/be… | x_refsource_MISC |
Date Public
2013-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using \"Javascript debugging.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-07T18:03:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using \"Javascript debugging.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"name": "https://www.ise.io/research/studies-and-papers/belkin_n900/",
"refsource": "MISC",
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3091",
"datePublished": "2020-02-07T18:03:21.000Z",
"dateReserved": "2013-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:00:09.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3092 (GCVE-0-2013-3092)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI
Summary
The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
Date Public
2013-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3092",
"datePublished": "2014-09-29T22:00:00.000Z",
"dateReserved": "2013-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:00:09.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3089 (GCVE-0-2013-3089)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
Date Public
2013-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3089",
"datePublished": "2014-09-29T22:00:00.000Z",
"dateReserved": "2013-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:00:09.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30105 (GCVE-0-2022-30105)
Vulnerability from cvelistv5 – Published: 2022-05-18 15:52 – Updated: 2024-08-03 06:40
VLAI
Summary
In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject a an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exploitee.rs/index.php/Belkin_N300#Re… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject a an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-18T15:52:59.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-30105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the [form name] form; [list vulnerable parameters], are not properly sanitized after being submitted to the web interface in a POST request. With specially crafted parameters, it is possible to inject a an OS command which will be executed with root privileges, as the web interface, and all processes on the device, run as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root",
"refsource": "MISC",
"url": "https://www.exploitee.rs/index.php/Belkin_N300#Remote_Root"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-30105",
"datePublished": "2022-05-18T15:52:59.000Z",
"dateReserved": "2022-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:40:47.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3091 (GCVE-0-2013-3091)
Vulnerability from cvelistv5 – Published: 2020-02-07 18:03 – Updated: 2024-08-06 16:00
VLAI
Summary
An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| https://www.ise.io/research/studies-and-papers/be… | x_refsource_MISC |
Date Public
2013-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using \"Javascript debugging.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-07T18:03:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using \"Javascript debugging.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"name": "https://www.ise.io/research/studies-and-papers/belkin_n900/",
"refsource": "MISC",
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3091",
"datePublished": "2020-02-07T18:03:21.000Z",
"dateReserved": "2013-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:00:09.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3092 (GCVE-0-2013-3092)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI
Summary
The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
Date Public
2013-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3092",
"datePublished": "2014-09-29T22:00:00.000Z",
"dateReserved": "2013-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:00:09.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3089 (GCVE-0-2013-3089)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
| http://securityevaluators.com/knowledge/case_stud… | x_refsource_MISC |
Date Public
2013-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3089",
"datePublished": "2014-09-29T22:00:00.000Z",
"dateReserved": "2013-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:00:09.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}