CVE-2013-10050

HIGH

CVSS v3

8.8

HIGH

EPSS Score

61.9%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions that expose tools_vct.xgi and use the Mathopd/1.5p6 web server. No vendor patch is available, and affected models are end-of-life.

Technical Details

Published
8/1/2025

Frequently Asked Questions

What is CVE-2013-10050?

An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions that expose tools_vct.xgi and use the Mathopd/1.5p6 web server. No vendor patch is available, and affected models are end-of-life.

Is CVE-2013-10050 actively exploited?

Active exploitation of CVE-2013-10050 has not been confirmed. The EPSS score is 61.9%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2013-10050?

CVE-2013-10050 has a CVSS v3 base score of 8.8 (HIGH severity).

Is CVE-2013-10050 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.