CVE-2013-3610

ASUS RT-N10E Firmware < 2.0.0.24 - Unauthenticated Administrator Password Exposure via QIS_finish.htm

Title source: llm
STIX 2.1

Description

qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.

References (1)

Core 1
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/984366

Scores

EPSS 0.0015
EPSS Percentile 35.6%

Details

CWE
CWE-287
Status published
Products (7)
asus/rt-n10e
asus/rt-n10e_firmware 2.0.0.7
asus/rt-n10e_firmware 2.0.0.10
asus/rt-n10e_firmware 2.0.0.16
asus/rt-n10e_firmware 2.0.0.19
asus/rt-n10e_firmware 2.0.0.20
asus/rt-n10e_firmware < 2.0.0.24
Published Oct 05, 2013
Tracked Since Feb 18, 2026