CVE-2013-5948

Published: Apr 22, 2014Modified: May 6, 2026

8.5

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability: 6.8 / Impact: 10.0

Source: NVD

Description

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).

Affected (5)

Products: T Mobile: Tm Ac1900 · Asus: Rt Ac68u Firmware, Rt Ac68u

1 product

2 products

Rt Ac68u Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
T Mobile Tm Ac1900	Version 3.0.0.4.376_3169

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac68u Firmware	Version 3.0.0.4.374.4755
Asus Rt Ac68u Firmware	Version 3.0.0.4.374_4561
Asus Rt Ac68u Firmware	Version 3.0.0.4.374_4887
Asus Rt Ac68u	All versions

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (8)

http://seclists.org/fulldisclosure/2014/Apr/59

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2014/Apr/66

Source: cve@mitre.org

Exploit

http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29

Source: cve@mitre.org

https://support.t-mobile.com/docs/DOC-21994

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2014/Apr/59

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2014/Apr/66

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.t-mobile.com/docs/DOC-21994

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.