cbcvebase.
CVE-2013-7282
published 2014-01-10

CVE-2013-7282: The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote…

Priority: P2 · 62 · critical · 10 (CVSS 2.0)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 9.57% (94.9th percentile)
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header.

Affected (2 ranges)

Vendor   Product               Version range   Fixed in
nisuta   ns-wir150ne_firmware  -               -
nisuta   ns-wir300n_firmware   -               -

Detection & IOCs (extracted from sources)

cookie   :language=en
cookie   admin:language=en
path     /cgi-bin/DownloadCfg/config.cfg
command  wget --header="Cookie: :language=en" http://192.168.2.1/cgi-bin/DownloadCfg/config.cfg -t 1
  • Detect HTTP requests to router management interfaces containing the bypass cookie ':language=en' or 'admin:language=en' without a prior successful authentication session.
  • Alert on unauthenticated HTTP GET requests to /cgi-bin/DownloadCfg/config.cfg, which exposes the management password in the 'http_passwd' variable.
  • Flag HTTP responses containing 'Set-Cookie: admin:language=en' as evidence of the vulnerable hard-coded cookie being issued by a Nisuta router.
  • The authentication bypass works on both WAN and LAN interfaces; WAN remote management is not enabled by default, but LAN management cannot be disabled, meaning internal network attackers are always exposed.
  • The management web interface operates over plain HTTP with no encryption, so even after patching the auth bypass, credentials remain exposed in transit.
  • No firmware update was made available for the NS-WIR300N; that model remains permanently vulnerable.
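The three detection rules above, implemented as an added Python example (this is not code from the CVE record, its sources, or the vendor). It parses raw HTTP request and response text captured at a proxy or sensor, flags a Cookie header carrying the bypass marker, flags an unauthenticated GET of the config path, and flags a Set-Cookie response issuing the hard-coded cookie. The sample messages, the client addresses and the "authenticated clients" set are constructed for the demonstration; a real deployment would feed the set from its own session tracking.

```python
"""Detection helpers for the Nisuta ':language=en' authentication-bypass pattern (CVE-2013-7282).

Added example; the log-feeding and session-tracking glue is assumed, not part of the CVE record.
"""
from __future__ import annotations

# Values taken from the CVE record's IOC list.
CONFIG_PATH = "/cgi-bin/DownloadCfg/config.cfg"
BYPASS_MARKER = ":language=en"  # matches both ':language=en' and 'admin:language=en'


def parse_http_message(raw: str) -> tuple[str, dict[str, str]]:
    """Return (start line, lower-cased header dict) for a raw HTTP request or response.

    Repeated header names keep the last value; that is enough for this check.
    """
    lines = [line for line in raw.replace("\r\n", "\n").split("\n") if line.strip()]
    if not lines:
        raise ValueError("empty HTTP message")
    headers: dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def has_bypass_cookie(cookie_value: str) -> bool:
    """True when a Cookie/Set-Cookie value contains the hard-coded bypass cookie."""
    # Strip spaces and fold case so 'Cookie: :language=en' and 'admin:language=en' both hit.
    return BYPASS_MARKER in cookie_value.replace(" ", "").lower()


def classify_request(raw: str, client_ip: str, authenticated_clients: set[str]) -> list[str]:
    """Return detection tags for one inbound request to the router's management interface."""
    start, headers = parse_http_message(raw)
    parts = start.split()
    method, path = (parts[0], parts[1]) if len(parts) >= 2 else ("", "")
    findings: list[str] = []
    if has_bypass_cookie(headers.get("cookie", "")):
        findings.append("bypass-cookie")
    # The config download exposes http_passwd; it is only expected from a logged-in session.
    if method == "GET" and path.split("?", 1)[0] == CONFIG_PATH and client_ip not in authenticated_clients:
        findings.append("unauth-config-download")
    return findings


def classify_response(raw: str) -> list[str]:
    """Return detection tags for one response from the router (the vulnerable cookie being issued)."""
    _, headers = parse_http_message(raw)
    if has_bypass_cookie(headers.get("set-cookie", "")):
        return ["vulnerable-cookie-issued"]
    return []


# Constructed sample traffic for the demonstration (not real captures).
SAMPLE_REQUESTS = [
    ("10.0.0.5", "GET /cgi-bin/DownloadCfg/config.cfg HTTP/1.1\r\nHost: 192.168.2.1\r\nCookie: :language=en\r\n"),
    ("10.0.0.7", "GET /index.htm HTTP/1.1\r\nHost: 192.168.2.1\r\nCookie: sid=abc123\r\n"),
    ("10.0.0.7", "GET /cgi-bin/DownloadCfg/config.cfg HTTP/1.1\r\nHost: 192.168.2.1\r\nCookie: sid=abc123\r\n"),
    ("10.0.0.9", "POST /login.cgi HTTP/1.1\r\nHost: 192.168.2.1\r\nCookie: admin:language=en\r\n"),
]
SAMPLE_RESPONSE = "HTTP/1.1 200 OK\r\nSet-Cookie: admin:language=en\r\nContent-Type: text/html\r\n"
AUTHENTICATED_CLIENTS = {"10.0.0.7"}  # assumed to come from the sensor's own session tracking


def run_samples() -> dict[str, list[str]]:
    """Classify the constructed samples; keyed by client (requests) or 'response'."""
    results: dict[str, list[str]] = {}
    for ip, raw in SAMPLE_REQUESTS:
        results.setdefault(ip, []).extend(classify_request(raw, ip, AUTHENTICATED_CLIENTS))
    results["response"] = classify_response(SAMPLE_RESPONSE)
    return results


if __name__ == "__main__":
    for key, tags in run_samples().items():
        print(f"{key}: {tags or 'clean'}")
```

The cookie check is deliberately a substring match after whitespace removal rather than a strict cookie-grammar parse: the vulnerable cookie has an empty or "admin" name and a colon in it, which cookie libraries tend to mangle, and for a detection rule a few extra hits are cheaper than a miss. Since the interface is plain HTTP, the same sensor position also sees the credentials the third bullet above warns about, so the config-download alert is worth keeping even on the NS-WIR150NE after its update.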