Asus · Asus Rt-N10E · CVE-2013-3610
**Name of the Vulnerable Software and Affected Versions**
ASUS RT-N10E router versions prior to 2.0.0.25
**Description**
The issue concerns the lack of authentication requirement for the qis/QIS finish.htm page on the ASUS RT-N10E router. This allows remote attackers to discover the administrator password via a direct request to the '/qis/QIS finish.htm' endpoint.
**Recommendations**
For versions prior to 2.0.0.25, update the firmware to version 2.0.0.25 or later to resolve the issue.