CVE-2013-7293

ASUS WL-330NUL - Configuration Traffic Hijacking via DNS Hostname Misconfiguration

Title source: llm
STIX 2.1

Description

The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/64799
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/191750

Scores

EPSS 0.0083
EPSS Percentile 74.8%

Details

CWE
CWE-16 CWE-284
Status published
Products (1)
asus/wl-330nul
Published Jan 15, 2014
Tracked Since Feb 18, 2026