CVE-2013-3092

The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name	Vendor	Start Version	End Version
N300_firmware	Belkin	1.00.06 (including)	1.00.06 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/114.html
https://cwe.mitre.org/data/definitions/115.html
https://cwe.mitre.org/data/definitions/151.html
https://cwe.mitre.org/data/definitions/194.html
https://cwe.mitre.org/data/definitions/22.html
https://cwe.mitre.org/data/definitions/57.html
https://cwe.mitre.org/data/definitions/593.html
https://cwe.mitre.org/data/definitions/633.html
https://cwe.mitre.org/data/definitions/650.html
https://cwe.mitre.org/data/definitions/94.html

References

http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php
http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-3092
CWE	https://cwe.mitre.org/data/definitions/287.html

Improper Authentication

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References