Skip to main content

Wireless Network Extender CVE-2013-4874

MEDIUM
Improper Authentication (CWE-287)
2013-07-18 cve@mitre.org
6.2
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.2 MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:H/Au:N/C:C/I:C/A:C
Attack Vector
Local
Attack Complexity
High
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Jul 18, 2013 - 16:51 cve.org
MEDIUM 6.2

DescriptionCVE.org

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable.

AnalysisAI

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to. Rated medium severity (CVSS 6.2). No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable. Affected products include: Verizon Wireless Network Extender.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

Share

CVE-2013-4874 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy