Details of VAR-200412-1186

ID

VAR-200412-1186

CVE

CVE-2004-1791

TITLE

Edimax AR-6004 ADSL router web Management Interface Permissions License and Access Control Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200412-325

DESCRIPTION

The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. Full Rate Adsl Router is prone to a remote security vulnerability. A remote attacker could exploit this vulnerability to gain access

Trust: 1.26

sources: NVD: CVE-2004-1791 // BID: 90449 // VULHUB: VHN-10221

AFFECTED PRODUCTS

vendor:	edimax	model:	full rate adsl router	scope:	eq	version:	ar_6004	Trust: 1.6
vendor:	edimax	model:	full rate adsl router ar	scope:	eq	version:	6004	Trust: 0.3

sources: BID: 90449 // CNNVD: CNNVD-200412-325 // NVD: CVE-2004-1791

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1791
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200412-325
value:	HIGH
Trust: 0.6
VULHUB:	VHN-10221
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-1791
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-10221
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-10221 // CNNVD: CNNVD-200412-325 // NVD: CVE-2004-1791

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1791

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-325

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200412-325

EXTERNAL IDS

db:	NVD	id:	CVE-2004-1791	Trust: 2.0
db:	SECTRACK	id:	1008643	Trust: 2.0
db:	OSVDB	id:	3511	Trust: 1.7
db:	CNNVD	id:	CNNVD-200412-325	Trust: 0.7
db:	BUGTRAQ	id:	20040106 EDIMAX AR-6004 FULL RATE ADSL ROUTER CROSS SITE SCRIPTING VULNERABILLITY	Trust: 0.6
db:	BID	id:	90449	Trust: 0.4
db:	VULHUB	id:	VHN-10221	Trust: 0.1

sources: VULHUB: VHN-10221 // BID: 90449 // CNNVD: CNNVD-200412-325 // NVD: CVE-2004-1791

REFERENCES

url:	http://www.securityfocus.com/archive/1/349089	Trust: 2.0
url:	http://securitytracker.com/id?1008643	Trust: 2.0
url:	http://www.osvdb.org/3511	Trust: 1.7

sources: VULHUB: VHN-10221 // BID: 90449 // CNNVD: CNNVD-200412-325 // NVD: CVE-2004-1791

CREDITS

Unknown

Trust: 0.3

sources: BID: 90449

SOURCES

db:	VULHUB	id:	VHN-10221
db:	BID	id:	90449
db:	CNNVD	id:	CNNVD-200412-325
db:	NVD	id:	CVE-2004-1791

LAST UPDATE DATE

2024-08-14T13:17:05.951000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-10221	date:	2008-09-05T00:00:00
db:	BID	id:	90449	date:	2004-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200412-325	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1791	date:	2008-09-05T20:42:21.977

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-10221	date:	2004-12-31T00:00:00
db:	BID	id:	90449	date:	2004-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200412-325	date:	2004-12-31T00:00:00
db:	NVD	id:	CVE-2004-1791	date:	2004-12-31T05:00:00