VAR-201311-0241
Vulnerability from variot - Updated: 2025-04-11 23:10The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" setting, which allows remote attackers to bypass intended access restrictions via HTTP requests. The Satechi Smart Travel Router is a wireless router device. A remote attacker can bypass the access restriction control device by submitting an HTTP request. Satechi Travel Router is a portable router product of American Satechi Company that includes standard international plug adapters, USB chargers and WiFi (802.11b/g/n) routers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0241",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smart travel router",
"scope": "eq",
"trust": 3.0,
"vendor": "satechi",
"version": "1.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:satechi:smart_travel_router",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luc Dore",
"sources": [
{
"db": "BID",
"id": "64030"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6918",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2013-6918",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-14852",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-66920",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-6918",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-6918",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-14852",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-480",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-66920",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-6918",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "VULHUB",
"id": "VHN-66920"
},
{
"db": "VULMON",
"id": "CVE-2013-6918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the \"Web Management via WAN\" setting, which allows remote attackers to bypass intended access restrictions via HTTP requests. The Satechi Smart Travel Router is a wireless router device. A remote attacker can bypass the access restriction control device by submitting an HTTP request. Satechi Travel Router is a portable router product of American Satechi Company that includes standard international plug adapters, USB chargers and WiFi (802.11b/g/n) routers",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "BID",
"id": "64030"
},
{
"db": "VULHUB",
"id": "VHN-66920"
},
{
"db": "VULMON",
"id": "CVE-2013-6918"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6918",
"trust": 3.5
},
{
"db": "BID",
"id": "64030",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-480",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-14852",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20131122 UNAUTHORIZED CONSOLE ACCESS ON SATECHI TRAVEL ROUTER V1.5",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-66920",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-6918",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "VULHUB",
"id": "VHN-66920"
},
{
"db": "VULMON",
"id": "CVE-2013-6918"
},
{
"db": "BID",
"id": "64030"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"id": "VAR-201311-0241",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "VULHUB",
"id": "VHN-66920"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
}
]
},
"last_update_date": "2025-04-11T23:10:35.165000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Satechi Smart Travel Router",
"trust": 0.8,
"url": "http://www.satechi.net/index.php/satechi-smart-travel-router"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66920"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0123.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6918"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6918"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/64030"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "VULHUB",
"id": "VHN-66920"
},
{
"db": "VULMON",
"id": "CVE-2013-6918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "VULHUB",
"id": "VHN-66920"
},
{
"db": "VULMON",
"id": "CVE-2013-6918"
},
{
"db": "BID",
"id": "64030"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"date": "2013-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-66920"
},
{
"date": "2013-11-30T00:00:00",
"db": "VULMON",
"id": "CVE-2013-6918"
},
{
"date": "2013-12-02T00:00:00",
"db": "BID",
"id": "64030"
},
{
"date": "2013-12-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"date": "2013-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"date": "2013-11-30T11:43:54.663000",
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"date": "2014-03-05T00:00:00",
"db": "VULHUB",
"id": "VHN-66920"
},
{
"date": "2014-03-05T00:00:00",
"db": "VULMON",
"id": "CVE-2013-6918"
},
{
"date": "2013-12-02T00:00:00",
"db": "BID",
"id": "64030"
},
{
"date": "2013-12-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005332"
},
{
"date": "2013-12-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-480"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-6918"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Satechi Smart Travel Router Web Management Console Remote Authentication Bypass Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14852"
},
{
"db": "BID",
"id": "64030"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-480"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…