CVE-2013-4937
CVE-2013-4937 is a critical-severity vulnerability in Asus Rt-ac66u Firmware with a CVSS 2.0 base score of 10.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Critical (CVSS 2.0 base score 10.0)
- EPSS exploit prediction: 2% (73rd percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Asus Rt-ac66u Firmware
- Published:
- Last modified:
Description
Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
Frequently asked questions
- What is CVE-2013-4937?
- Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
- How severe is CVE-2013-4937?
- CVE-2013-4937 has a CVSS 2.0 base score of 10.0, rated critical severity.
- Is CVE-2013-4937 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (73rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2013-4937?
- CVE-2013-4937 primarily affects Asus Rt-ac66u Firmware. In total, 51 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2013-4937?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2013-4937 published?
- CVE-2013-4937 was published on 2013-07-26 and last updated on 2026-06-16.
References
- http://reviews.cnet.com/8301-3132_7-57594003-98
- http://twitter.com/ASUSUSA/statuses/357612236392509440
Affected products (51)
- cpe:2.3:o:asus:rt-ac66u_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.140:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.220:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.246:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.260:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.270:*:*:*:*:*:*:*
- cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n66u_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272:*:*:*:*:*:*:*
- cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n65u_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.134:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.176:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.260:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.334:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.342:*:*:*:*:*:*:*
- cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n14u_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.322:*:*:*:*:*:*:*
- cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:1.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:1.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.108:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.162:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.178:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.220:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.246:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.260:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n16_firmware:7.0.2.38b:*:*:*:*:*:*:*
- cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318:*:*:*:*:*:*:*
More vulnerabilities in Asus Rt-ac66u Firmware
- CVE-2013-6343 — Critical (CVSS 10.0): Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979…
- CVE-2018-8879 — Critical (CVSS 9.8): Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before…
- CVE-2013-4656 — Critical (CVSS 9.8): Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.
- CVE-2018-8826 — Critical (CVSS 9.8): ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228;…
- CVE-2018-9285 — Critical (CVSS 9.8): Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and…
- CVE-2013-4659 — Critical (CVSS 9.8): Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916.…