Is CVE-2013-5948 actively exploited?

CVE-2013-5948 has no public evidence of in-the-wild exploitation as of 2025-04-12.

What is the CVSS score for CVE-2013-5948?

CVE-2013-5948 has a CVSS score of 8.5 (UNKNOWN severity). Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C.

How do I patch CVE-2013-5948?

Patch guidance is available from t-mobile security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2013-5948.

CVE-2013-5948 - remediation guidance & executive summary

Q: Which products are affected by CVE-2013-5948?

5 products: t-mobile tm-ac1900, asus rt-ac68u firmware, asus rt-ac68u firmware, asus rt-ac68u firmware, asus rt-ac68u.

Description

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).

CVSS Metrics

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Access Vector: network
Access Cmplx: medium
Auth: single
Confidentiality: complete
Integrity: complete
Availability: complete
Weaknesses: CWE-78 · OS Command Injection

Metadata

Primary Vendor: T-MOBILE
Published: 4/22/2014
Last Modified: 4/12/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

t-mobile : tm-ac1900asus : rt-ac68u_firmwareasus : rt-ac68u_firmwareasus : rt-ac68u_firmwareasus : rt-ac68u

Remediation Guidance

Executive Summary

View on NIST NVD