Published: 31/07/2013 Updated: 24/02/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote malicious users to discover the cleartext administrative password by reading the "var pass=" line within the HTML source code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
westerndigital my_net_n900 -
westerndigital my_net_n900c -
westerndigital my_net_n750 -

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 10312 N600 Firmware 10416 N750 Firmware 10312 N750 Firmware 10416 N900 Firmware 10512 N900 Firmware 10618 N900 Firmware 10628 N900C Firmware 10512 N900C Firmware 10618 N900C Firmware 10628 CVE 2013-5006 CWE-256 Plaintext Storage of a Pas ...

Western Digital My Net Series wireless routers suffer from a clear text password disclosure The N600, N750, N900, and N900C are affected This is an update to the prior advisory and has proof of concept information included ...

CWE-255 http://archives.neohapsis.com/archives/bugtraq/2013-07/0146.html http://www.osvdb.org/95519 http://archives.neohapsis.com/archives/bugtraq/2013-07/0133.html https://exchange.xforce.ibmcloud.com/vulnerabilities/85903 https://nvd.nist.gov https://www.exploit-db.com/exploits/27288/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-5006

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect