Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nec | Atermwm3450Rn | - |
| Nec | Atermwm3600R | - |
| Nec | Atermwr8160N | - |
| Nec | Atermwr8370N | - |
| Nec | Atermwr8600N | - |
| Nec | Atermwr9500N | - |
Related Weaknesses (CWE)
References
- http://jpn.nec.com/security-info/secinfo/nv13-005.html
- http://jvn.jp/en/jp/JVN59503133/6443/index.html
- http://jvn.jp/en/jp/JVN59503133/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000024
- http://jpn.nec.com/security-info/secinfo/nv13-005.html
- http://jvn.jp/en/jp/JVN59503133/6443/index.html
- http://jvn.jp/en/jp/JVN59503133/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000024
FAQ
What is CVE-2013-0717?
CVE-2013-0717 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN router...
How severe is CVE-2013-0717?
CVE-2013-0717 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0717?
Check the references section above for vendor advisories and patch information. Affected products include: Nec Atermwm3450Rn, Nec Atermwm3600R, Nec Atermwr8160N, Nec Atermwr8370N, Nec Atermwr8600N.