ID

VAR-201402-0187


CVE

CVE-2013-7183


TITLE

Seowon Intech WiMAX SWU-9100 mobile router contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#431726

DESCRIPTION

cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to (1) cause a denial of service (reboot) via a default_reboot action or (2) reset all configuration values via a factory_default action. Seowon Intech WiMAX SWU-9100 mobile routers contain command injection (CWE-77) and direct request (CWE-425) vulnerabilities. Seowon Intech SWC-9100 Routers is a wireless router product from South Korea's Seowon Intech. WiMAX SWC-9100 Mobile Router is prone to a security-bypass vulnerability and a command-injection vulnerability. Exploiting these issues could allow an attacker to bypass certain security restrictions or execute arbitrary commands in the context of the device

Trust: 3.15

sources: NVD: CVE-2013-7183 // CERT/CC: VU#431726 // JVNDB: JVNDB-2013-005987 // CNVD: CNVD-2014-00706 // BID: 65306

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-00706

AFFECTED PRODUCTS

vendor:seowonintechmodel:swc-9100scope:eqversion: -

Trust: 1.6

vendor:seowon intechmodel: - scope: - version: -

Trust: 0.8

vendor:seowon intechmodel:wimax swc-9100scope: - version: -

Trust: 0.8

vendor:seowon intechmodel:swc-9100scope: - version: -

Trust: 0.6

vendor:seowonintechmodel:wimax swc-9100 mobile routerscope:eqversion:0

Trust: 0.3

sources: CERT/CC: VU#431726 // CNVD: CNVD-2014-00706 // BID: 65306 // JVNDB: JVNDB-2013-005987 // CNNVD: CNNVD-201402-025 // NVD: CVE-2013-7183

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-7183
value: HIGH

Trust: 1.0

NVD: CVE-2013-7183
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-00706
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201402-025
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2013-7183
severity: HIGH
baseScore: 7.8
vectorString: AV:A/AC:L/AU:N/C:N/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-00706
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-00706 // JVNDB: JVNDB-2013-005987 // CNNVD: CNNVD-201402-025 // NVD: CVE-2013-7183

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.8

problemtype:CWE-425

Trust: 0.8

problemtype:CWE-77

Trust: 0.8

problemtype:CWE-Other

Trust: 0.8

sources: CERT/CC: VU#431726 // JVNDB: JVNDB-2013-005987 // NVD: CVE-2013-7183

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201402-025

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201402-025

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005987

PATCH

title:WiMAXurl:http://www.seowonintech.co.kr/jp/product/detail.asp?num=123&big_kind=B04&middle_kind=B04_06

Trust: 0.8

title:Patch for multiple vulnerabilities (CNVD-2014-00706) on Seowon Intech SWC-9100 Routersurl:https://www.cnvd.org.cn/patchInfo/show/43268

Trust: 0.6

sources: CNVD: CNVD-2014-00706 // JVNDB: JVNDB-2013-005987

EXTERNAL IDS

db:CERT/CCid:VU#431726

Trust: 4.1

db:NVDid:CVE-2013-7183

Trust: 3.3

db:SECUNIAid:56756

Trust: 1.0

db:OSVDBid:102817

Trust: 1.0

db:BIDid:65306

Trust: 0.9

db:JVNid:JVNVU95318893

Trust: 0.8

db:JVNDBid:JVNDB-2013-005987

Trust: 0.8

db:CNVDid:CNVD-2014-00706

Trust: 0.6

db:CNNVDid:CNNVD-201402-025

Trust: 0.6

sources: CERT/CC: VU#431726 // CNVD: CNVD-2014-00706 // BID: 65306 // JVNDB: JVNDB-2013-005987 // CNNVD: CNNVD-201402-025 // NVD: CVE-2013-7183

REFERENCES

url:http://www.kb.cert.org/vuls/id/431726

Trust: 3.3

url:http://www.seowonintech.co.kr/en/product/detail.asp?num=117&big_kind=b04&middle_kind=b04_07

Trust: 1.1

url:http://osvdb.org/102817

Trust: 1.0

url:http://secunia.com/advisories/56756

Trust: 1.0

url:http://cwe.mitre.org/data/definitions/77.html

Trust: 0.8

url:http://cwe.mitre.org/data/definitions/425.html

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7183

Trust: 0.8

url:http://jvn.jp/vu/jvnvu95318893/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7183

Trust: 0.8

sources: CERT/CC: VU#431726 // CNVD: CNVD-2014-00706 // BID: 65306 // JVNDB: JVNDB-2013-005987 // CNNVD: CNNVD-201402-025 // NVD: CVE-2013-7183

CREDITS

Josue Rojas

Trust: 0.3

sources: BID: 65306

SOURCES

db:CERT/CCid:VU#431726
db:CNVDid:CNVD-2014-00706
db:BIDid:65306
db:JVNDBid:JVNDB-2013-005987
db:CNNVDid:CNNVD-201402-025
db:NVDid:CVE-2013-7183

LAST UPDATE DATE

2024-11-23T22:08:23.201000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#431726date:2014-02-11T00:00:00
db:CNVDid:CNVD-2014-00706date:2014-02-11T00:00:00
db:BIDid:65306date:2014-02-03T00:00:00
db:JVNDBid:JVNDB-2013-005987date:2016-02-10T00:00:00
db:CNNVDid:CNNVD-201402-025date:2014-02-08T00:00:00
db:NVDid:CVE-2013-7183date:2024-11-21T02:00:27.083

SOURCES RELEASE DATE

db:CERT/CCid:VU#431726date:2014-02-03T00:00:00
db:CNVDid:CNVD-2014-00706date:2014-02-11T00:00:00
db:BIDid:65306date:2014-02-03T00:00:00
db:JVNDBid:JVNDB-2013-005987date:2014-02-05T00:00:00
db:CNNVDid:CNNVD-201402-025date:2014-02-08T00:00:00
db:NVDid:CVE-2013-7183date:2014-02-04T05:39:08.433