CVE-2013-4734
published 2013-06-30CVE-2013-4734: dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable…
PriorityP340high7.3CVSS 3.1
AVNACLPRNUINSUCLILAL
EPSS
1.38%
68.6th percentile
dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| digital_alert_systems | dasdec_eas | <= 2.0-1 | — |
| digital_alert_systems | dasdec_eas | — | — |
| monroe_electronics | r189_one-net_eas | <= 2.0-1 | — |
| monroe_electronics | r189_one-net_eas | — | — |
CVSS provenance
nvdv3.17.3HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Monroe Electronics R189 One-Net EAS up to 2.0 Remote Code Execution (VU#662676)
vuldb·2026-06-03·CVSS 7.3
CVE-2013-4734 [HIGH] Monroe Electronics R189 One-Net EAS up to 2.0 Remote Code Execution (VU#662676)
A vulnerability, which was classified as critical, has been found in Monroe Electronics R189 One-Net EAS up to 2.0. Affected by this issue is some unknown functionality. The manipulation leads to Remote Code Execution.
This vulnerability is listed as CVE-2013-4734. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.
GHSA
GHSA-vp74-83j6-mv6x: dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2
ghsa_unreviewed·2022-05-17
CVE-2013-4734 [HIGH] GHSA-vp74-83j6-mv6x: dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2
dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfhttp://www.kb.cert.org/vuls/id/662676http://www.kb.cert.org/vuls/id/AAMN-98MU7Hhttp://www.kb.cert.org/vuls/id/AAMN-98MUK2http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdfhttp://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfhttp://www.kb.cert.org/vuls/id/662676http://www.kb.cert.org/vuls/id/AAMN-98MU7Hhttp://www.kb.cert.org/vuls/id/AAMN-98MUK2http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdf
2013-06-30
Published