Rt N10E Firmware
CVE-2013-3610
MEDIUM
Severity by source
AV:A/AC:L/Au:N/C:C/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:A/AC:L/Au:N/C:C/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.
AnalysisAI
qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request. Affected products include: Asus Rt-N10E Firmware, Asus Rt-N10E. Version information: before 2.0.0.25.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Rt N10E Firmware
View allSame weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today