CVE-2013-7282

Nisuta NS-WIR150NE/NS-WIR300N - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-7282. PoCs published by Amplia Security Advisories.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Nisuta NS-WIR150NE and NS-WIR300N wireless routers by setting a hardcoded cookie to access the management interface without credentials. The PoC includes a Java program to download the router's configuration file, which contains sensitive information like the admin password.

Description

The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header.

Exploits (1)

exploitdb WORKING POC
by Amplia Security Advisories · textwebappshardware
https://www.exploit-db.com/exploits/30665

This exploit demonstrates an authentication bypass vulnerability in Nisuta NS-WIR150NE and NS-WIR300N wireless routers by setting a hardcoded cookie to access the management interface without credentials. The PoC includes a Java program to download the router's configuration file, which contains sensitive information like the admin password.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Nisuta NS-WIR150NE (firmware v5.07.41), Nisuta NS-WIR300N (firmware v5.07.36_NIS01)
No auth needed
Prerequisites: Network access to the router's management interface (LAN or WAN if remote management is enabled)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

EPSS 0.0957
EPSS Percentile 94.9%

Details

CWE
CWE-287
Status published
Products (4)
nisuta/ns-wir150ne
nisuta/ns-wir150ne_firmware 5.07.41
nisuta/ns-wir300n
nisuta/ns-wir300n_firmware 5.07.36_nis01
Published Jan 10, 2014
Tracked Since Feb 18, 2026