// For flags

CVE-2013-4659

ASUS RT-AC66U - 'acsd' Remote Command Execution

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.

Desbordamiento de búfer en Broadcom ACSD permite a atacantes remotos ejecutar código arbitrario a través de una cadena larga al puerto TCP 5916. Este componente es utilizado en routers de múltiples vendedores incluyendo ASUS RT-AC66U y TRENDnet TEW-812DRU.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-06-24 CVE Reserved
  • 2013-07-26 CVE Published
  • 2013-07-27 First Exploit
  • 2024-01-03 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Asus
Search vendor "Asus"
Rt-ac66u Firmware
Search vendor "Asus" for product "Rt-ac66u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Rt-ac66u
Search vendor "Asus" for product "Rt-ac66u"
--
Safe
Trendnet
Search vendor "Trendnet"
Tew-812dru Firmware
Search vendor "Trendnet" for product "Tew-812dru Firmware"
--
Affected
in Trendnet
Search vendor "Trendnet"
Tew-812dru
Search vendor "Trendnet" for product "Tew-812dru"
--
Safe