Security readout for executives and security teams
Plain-English summary
This is a high-impact flaw in a legacy Linksys router web interface. A logged-in administrator could abuse a diagnostic ping setting to run operating-system commands on the router. It matters most where old WRT160Nv2 firmware is still deployed or remotely administered.
Executive priority
Prioritize remediation where these routers manage business connectivity, sit at network edges, or expose administration remotely. Replacement is usually the most defensible path for unsupported legacy equipment because the sources do not name a confirmed vendor patch.
Technical view
CVE-2013-10058 is CWE-78 OS command injection in Linksys apply.cgi. The ping_size parameter used by diagnostic operations is not properly sanitized, allowing authenticated remote code execution. The source bundle names WRT160Nv2 firmware 2.0.03 as tested/affected and gives CVSS 4.0 score 8.6.
Likely exposure
Exposure is most likely in legacy Linksys WRT160Nv2 routers running firmware 2.0.03, especially where the web management interface is reachable beyond a trusted admin network. Valid credentials are required, so weak/default passwords and exposed remote administration increase practical risk.
Exploitation context
Public exploit references exist in Metasploit and Exploit-DB, but the bundle does not show CISA KEV listing or confirmed active exploitation. Treat this as readily reproducible for authenticated attackers, not as proven actively exploited from the provided evidence.
Researcher notes
Key evidence supports authenticated command injection through apply.cgi diagnostic input, with high confidentiality, integrity, and availability impact under CVSS 4.0. The affected scope beyond WRT160Nv2 2.0.03 is not fully established in the bundle, so avoid assuming broader model coverage without vendor confirmation.
Mitigation direction
- Identify and retire or replace affected legacy Linksys routers.
- Check Linksys or vendor guidance for supported firmware or lifecycle status.
- Disable remote administration where available.
- Restrict web management access to trusted admin networks or VPN.
- Change default or weak administrator credentials.
- Segment legacy routers away from sensitive internal systems.
Validation and detection
- Inventory Linksys WRT160Nv2 devices and record firmware versions.
- Confirm whether firmware version 2.0.03 is present.
- Verify management interfaces are not internet-exposed.
- Review administrator account strength and access control.
- Check logs for unusual authenticated diagnostic activity.
Public sources used
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
CWE-78: Command execution behavior lookup
Command injection weaknesses can lead defenders to review execution techniques and command interpreter telemetry. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
Open ATT&CK lookupExecution behavior lookup
The CVE wording references code or command execution, so execution technique review may help defensive triage. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
Open ATT&CK lookupCVE-2013-10058 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
Open ATT&CK lookup- Severity
- High
- CVSS
- 8.6 (4.0)
- Known Exploited
- No
- Published
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CNA and ADP enrichment extracted from CVE v5
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
CVSS vector scores
1 official scoreWe collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N——Primary CVE scoreVulnerability scoring details
Base CVSS 4.0 score
8.6HighVector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Source materials
- CVE List V5 sourceCVE List V5
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rbCVE reference · exploit
- https://www.exploit-db.com/exploits/24478CVE reference · exploit
- https://www.exploit-db.com/exploits/25608CVE reference · exploit
- https://web.archive.org/web/20140830181242/http://www.s3cur1ty.de/m1adv2013-012CVE reference · technical-description, exploit
- https://www.vulncheck.com/advisories/linksys-legacy-routers-remote-command-injectionCVE reference · third-party-advisory
Products and packages named in the record
CWE details
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
