Vulnerability Details : CVE-2013-6026
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.
Exploit prediction scoring system (EPSS) score for CVE-2013-6026
Probability of exploitation activity in the next 30 days: 10.45%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-6026
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
[email protected] |
CWE ids for CVE-2013-6026
-
Assigned by: [email protected] (Primary)
References for CVE-2013-6026
Products affected by CVE-2013-6026
- cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:di-604\+:-:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*
- cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*
- cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*
- cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*
- cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*
- cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*