Details of VAR-201312-0285

ID

VAR-201312-0285

CVE

CVE-2013-6976

TITLE

Cisco EPC3925 Device goform/Quick_setup Vulnerable to cross-site request forgery

Trust: 0.8

sources: JVNDB: JVNDB-2013-005660

DESCRIPTION

Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496. Cisco EPC3925 Device goform/Quick_setup Contains a cross-site request forgery vulnerability. The Cisco EPC3925 Router is a home router device. Such as changing the management password. The Cisco EPC3925 failed to properly filter user-submitted 'DdnsHostName' parameter data, allowing remote attackers to exploit vulnerabilities for persistent cross-site scripting vulnerabilities to obtain sensitive information or hijack user sessions. Cisco EPC3925 is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. Cisco EPC3925 epc3925-E10-5-v302r125572-130520c is affected. Exploiting this issue may allow a remote attacker to perform certain administrative actions and compromise the affected device. This issue is being tracked by Cisco Bug IDs CSCuh37496. The vulnerability stems from the fact that the goform/Quick_setup URL does not properly validate the request

Trust: 3.33

sources: NVD: CVE-2013-6976 // JVNDB: JVNDB-2013-005660 // CNVD: CNVD-2013-15289 // CNVD: CNVD-2013-15557 // BID: 64486 // BID: 64341 // VULHUB: VHN-66978

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 1.2

sources: CNVD: CNVD-2013-15289 // CNVD: CNVD-2013-15557

AFFECTED PRODUCTS

vendor:	cisco	model:	epc3925	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	model epc3925 8x4 docsis 3.0 with wireless residential gateway with edva	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	epc3925 router	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	epc3925 router epc3925-e10-5-v302r125572-130520c	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	epc3925 -e10-5-v302r125572-1	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2013-15289 // CNVD: CNVD-2013-15557 // BID: 64486 // JVNDB: JVNDB-2013-005660 // CNNVD: CNNVD-201312-410 // NVD: CVE-2013-6976

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-6976
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-6976
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2013-15289
value:	LOW
Trust: 0.6
CNVD:	CNVD-2013-15557
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201312-410
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-66978
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-6976
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-15289
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2013-15557
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-66978
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2013-15289 // CNVD: CNVD-2013-15557 // VULHUB: VHN-66978 // JVNDB: JVNDB-2013-005660 // CNNVD: CNNVD-201312-410 // NVD: CVE-2013-6976

PROBLEMTYPE DATA

problemtype:

CWE-352

Trust: 1.9

sources: VULHUB: VHN-66978 // JVNDB: JVNDB-2013-005660 // NVD: CVE-2013-6976

THREAT TYPE

network

Trust: 0.6

sources: BID: 64486 // BID: 64341

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201312-410

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005660

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-66978

PATCH

title:

32238

url:

http://tools.cisco.com/security/center/viewAlert.x?alertId=32238

Trust: 0.8

sources: JVNDB: JVNDB-2013-005660

EXTERNAL IDS

db:	NVD	id:	CVE-2013-6976	Trust: 2.8
db:	EXPLOIT-DB	id:	30362	Trust: 2.3
db:	BID	id:	64341	Trust: 2.0
db:	PACKETSTORM	id:	124449	Trust: 1.1
db:	OSVDB	id:	101097	Trust: 1.1
db:	BID	id:	64486	Trust: 0.9
db:	JVNDB	id:	JVNDB-2013-005660	Trust: 0.8
db:	EXPLOIT-DB	id:	30415	Trust: 0.7
db:	CNNVD	id:	CNNVD-201312-410	Trust: 0.7
db:	CNVD	id:	CNVD-2013-15289	Trust: 0.6
db:	CNVD	id:	CNVD-2013-15557	Trust: 0.6
db:	SEEBUG	id:	SSVID-83807	Trust: 0.1
db:	SEEBUG	id:	SSVID-61168	Trust: 0.1
db:	SEEBUG	id:	SSVID-83763	Trust: 0.1
db:	VULHUB	id:	VHN-66978	Trust: 0.1

sources: CNVD: CNVD-2013-15289 // CNVD: CNVD-2013-15557 // VULHUB: VHN-66978 // BID: 64486 // BID: 64341 // JVNDB: JVNDB-2013-005660 // CNNVD: CNNVD-201312-410 // NVD: CVE-2013-6976

REFERENCES

url:	http://www.exploit-db.com/exploits/30362/	Trust: 2.3
url:	http://www.nerdbox.it/cisco-epc3925-csrf-vulnerability/	Trust: 1.7
url:	http://www.securityfocus.com/bid/64341	Trust: 1.1
url:	http://packetstormsecurity.com/files/124449/cisco-epc3925-cross-site-request-forgery.html	Trust: 1.1
url:	http://osvdb.org/101097	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6976	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6976	Trust: 0.8
url:	http://www.exploit-db.com/exploits/30415/	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.6

CREDITS

Jeroen - IT Nerdbox

Trust: 0.6

sources: BID: 64486 // BID: 64341

SOURCES

db:	CNVD	id:	CNVD-2013-15289
db:	CNVD	id:	CNVD-2013-15557
db:	VULHUB	id:	VHN-66978
db:	BID	id:	64486
db:	BID	id:	64341
db:	JVNDB	id:	JVNDB-2013-005660
db:	CNNVD	id:	CNNVD-201312-410
db:	NVD	id:	CVE-2013-6976

LAST UPDATE DATE

2024-08-14T15:08:51.747000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-15289	date:	2013-12-18T00:00:00
db:	CNVD	id:	CNVD-2013-15557	date:	2013-12-25T00:00:00
db:	VULHUB	id:	VHN-66978	date:	2016-09-15T00:00:00
db:	BID	id:	64486	date:	2013-12-21T00:00:00
db:	BID	id:	64341	date:	2013-12-25T00:48:00
db:	JVNDB	id:	JVNDB-2013-005660	date:	2013-12-24T00:00:00
db:	CNNVD	id:	CNNVD-201312-410	date:	2013-12-20T00:00:00
db:	NVD	id:	CVE-2013-6976	date:	2016-09-15T19:23:26.973

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-15289	date:	2013-12-18T00:00:00
db:	CNVD	id:	CNVD-2013-15557	date:	2013-12-25T00:00:00
db:	VULHUB	id:	VHN-66978	date:	2013-12-19T00:00:00
db:	BID	id:	64486	date:	2013-12-21T00:00:00
db:	BID	id:	64341	date:	2013-12-16T00:00:00
db:	JVNDB	id:	JVNDB-2013-005660	date:	2013-12-24T00:00:00
db:	CNNVD	id:	CNNVD-201312-410	date:	2013-12-20T00:00:00
db:	NVD	id:	CVE-2013-6976	date:	2013-12-19T22:55:04.540