CVE-2013-4659

CRITICAL

ASUS RT-AC66U and TRENDnet TEW-812DRU Firmware - Remote Code Execution via ACSD TCP Port 5916 Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4659. PoCs published by Jacob Holcomb.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the ASUS RT-AC66U router's acsd wireless service (CVE-2013-4659). It uses ROP gadgets and shellcode to achieve remote code execution, spawning a telnetd shell.

Description

Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.

Exploits (1)

exploitdb WORKING POC
by Jacob Holcomb · pythonremotelinux_mips
https://www.exploit-db.com/exploits/27133

This exploit targets a buffer overflow vulnerability in the ASUS RT-AC66U router's acsd wireless service (CVE-2013-4659). It uses ROP gadgets and shellcode to achieve remote code execution, spawning a telnetd shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ASUS RT-AC66U firmware 3.0.0.4.266 (acsd service)
No auth needed
Prerequisites: Network access to TCP port 5916 on the target router
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References

Scores

CVSS v3 9.8
EPSS 0.1153
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
asus/rt-ac66u_firmware
trendnet/tew-812dru_firmware
Published Mar 14, 2017
Tracked Since Feb 18, 2026