Vulnerabilities > CVE-2013-7136 - Cryptographic Issues vulnerability in UPC Ireland Cisco Epc2425

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

upc

CWE-310

exploit available

NVD

Published: 2013-12-19

Updated: 2024-11-21

Summary

The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have a sufficiently large number of possible WPA-PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.

Vulnerable Configurations

Part	Description	Count
Hardware	Upc UPC Ireland Cisco Epc2425 -	1

Common Weakness Enumeration (CWE)

CWE-310 - Cryptographic Issues

Common Attack Pattern Enumeration and Classification (CAPEC)

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Exploit-Db

description	UPC Ireland Cisco EPC 2425 Router / Horizon Box. CVE-2013-7136. Webapps exploit for hardware platform
file	exploits/hardware/webapps/30358.txt
id	EDB-ID:30358
last seen	2016-02-03
modified	2013-12-16
platform	hardware
port
published	2013-12-16
reporter	Matt O'Connor
source	https://www.exploit-db.com/download/30358/
title	UPC Ireland Cisco EPC 2425 Router / Horizon Box
type	webapps

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit-Db

References