CVE-2013-4733
published 2013-06-30CVE-2013-4733: The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote…
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
2.24%
80.6th percentile
The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| digital_alert_systems | dasdec_eas | <= 2.0-1 | — |
| digital_alert_systems | dasdec_eas | — | — |
| monroe_electronics | r189_one-net_eas | <= 2.0-1 | — |
| monroe_electronics | r189_one-net_eas | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:C/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Monroe Electronics R189 One-Net EAS up to 2.0 access control (VU#662676)
vuldb·2026-06-03·CVSS 7.5
CVE-2013-4733 [HIGH] Monroe Electronics R189 One-Net EAS up to 2.0 access control (VU#662676)
A vulnerability classified as critical was found in Monroe Electronics R189 One-Net EAS up to 2.0. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to improper access controls.
This vulnerability is tracked as CVE-2013-4733. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
GHSA
GHSA-jx2r-9qhf-j88m: The web server on the Digital Alert Systems DASDEC EAS device before 2
ghsa_unreviewed·2022-05-17
CVE-2013-4733 [HIGH] GHSA-jx2r-9qhf-j88m: The web server on the Digital Alert Systems DASDEC EAS device before 2
The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfhttp://www.kb.cert.org/vuls/id/662676http://www.kb.cert.org/vuls/id/AAMN-98MU7Hhttp://www.kb.cert.org/vuls/id/AAMN-98MUK2http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdfhttp://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfhttp://www.kb.cert.org/vuls/id/662676http://www.kb.cert.org/vuls/id/AAMN-98MU7Hhttp://www.kb.cert.org/vuls/id/AAMN-98MUK2http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdf
2013-06-30
Published