CVE-2013-7293

The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname.
References
Link Resource
http://www.kb.cert.org/vuls/id/191750 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/64799
Configurations

Configuration 1 (hide)

cpe:2.3:h:asus:wl-330nul:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-01-15 16:13

Updated : 2024-02-28 12:20


NVD link : CVE-2013-7293

Mitre link : CVE-2013-7293

CVE.ORG link : CVE-2013-7293


JSON object : View

Products Affected

asus

  • wl-330nul
CWE
CWE-16

Configuration

CWE-284

Improper Access Control