Vulnerabilites related to asus - rp-n14_firmware
Vulnerability from fkie_nvd
Published
2018-07-13 20:29
Modified
2024-11-21 02:56
Severity ?
Summary
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | https://www.kb.cert.org/vuls/id/763843 | Third Party Advisory, US Government Resource | |
| cret@cert.org | https://www.securityfocus.com/bid/93596 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/763843 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/93596 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rp-ac52_firmware | * | |
| asus | rp-ac52 | - | |
| asus | ea-n66_firmware | - | |
| asus | ea-n66 | - | |
| asus | rp-n12_firmware | - | |
| asus | rp-n12 | - | |
| asus | rp-n14_firmware | - | |
| asus | rp-n14 | - | |
| asus | rp-n53_firmware | - | |
| asus | rp-n53 | - | |
| asus | rp-ac56_firmware | - | |
| asus | rp-ac56 | - | |
| asus | wmp-n12_firmware | - | |
| asus | wmp-n12 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-ac52_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95CD566C-50C6-4D73-BDA5-707210513B0E",
"versionEndIncluding": "1.0.1.1s",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-ac52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3F3FE0-63F5-4D0F-9C3A-C1D39B16AED1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:ea-n66_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C9567D-E5BA-42C9-A51A-05D431510B0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:ea-n66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7061553F-CA97-4021-A804-C29D1AE54AAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-n12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1B21FE-3A45-48DA-91BC-9A8CD8C7BD0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-n12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4291D2D-4C30-4E5A-94D9-0D465C9CFD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-n14_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB07468-ECC0-4A52-9BDA-A8207F467250",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-n14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B193A7-7C51-457C-A475-7DFF6458D4BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-n53_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C97695-0E2B-461F-8C08-A4E709C67A77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-n53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39A8C124-CB6C-4F45-9C1B-0E52C59E42AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-ac56_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C2FAC7-3DB8-4313-8AB6-2E1E8BE66201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-ac56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "211D70E6-1FF9-4E0F-BA34-6A1329E4F01B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:wmp-n12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA89FE0-E934-4519-B49C-FAAFBA26150B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:wmp-n12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E35AD500-683F-4C96-B0CE-74029076083F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request."
},
{
"lang": "es",
"value": "En los puntos de acceso ASUS RP-AC52 con versiones de firmware 1.0.1.1s y posiblemente anteriores, la interfaz web no verifica lo suficiente si una petici\u00f3n v\u00e1lida ha sido proporcionada intencionadamente por el usuario. Un atacante puede realizar acciones con los mismos permisos que los del usuario v\u00edctima, siempre que la v\u00edctima tenga una sesi\u00f3n activa y sea inducida a desencadenar la petici\u00f3n maliciosa."
}
],
"id": "CVE-2016-6557",
"lastModified": "2024-11-21T02:56:21.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-13T20:29:00.817",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/93596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/93596"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-13 20:29
Modified
2024-11-21 02:56
Severity ?
Summary
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | https://www.kb.cert.org/vuls/id/763843 | Third Party Advisory, US Government Resource | |
| cret@cert.org | https://www.securityfocus.com/bid/93596 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/763843 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/93596 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rp-ac52_firmware | * | |
| asus | rp-ac52 | - | |
| asus | ea-n66_firmware | - | |
| asus | ea-n66 | - | |
| asus | rp-n12_firmware | - | |
| asus | rp-n12 | - | |
| asus | rp-n14_firmware | - | |
| asus | rp-n14 | - | |
| asus | rp-n53_firmware | - | |
| asus | rp-n53 | - | |
| asus | rp-ac56_firmware | - | |
| asus | rp-ac56 | - | |
| asus | wmp-n12_firmware | - | |
| asus | wmp-n12 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-ac52_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95CD566C-50C6-4D73-BDA5-707210513B0E",
"versionEndIncluding": "1.0.1.1s",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-ac52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3F3FE0-63F5-4D0F-9C3A-C1D39B16AED1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:ea-n66_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C9567D-E5BA-42C9-A51A-05D431510B0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:ea-n66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7061553F-CA97-4021-A804-C29D1AE54AAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-n12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1B21FE-3A45-48DA-91BC-9A8CD8C7BD0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-n12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4291D2D-4C30-4E5A-94D9-0D465C9CFD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-n14_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB07468-ECC0-4A52-9BDA-A8207F467250",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-n14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B193A7-7C51-457C-A475-7DFF6458D4BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-n53_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C97695-0E2B-461F-8C08-A4E709C67A77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-n53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39A8C124-CB6C-4F45-9C1B-0E52C59E42AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rp-ac56_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C2FAC7-3DB8-4313-8AB6-2E1E8BE66201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rp-ac56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "211D70E6-1FF9-4E0F-BA34-6A1329E4F01B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:wmp-n12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA89FE0-E934-4519-B49C-FAAFBA26150B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:wmp-n12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E35AD500-683F-4C96-B0CE-74029076083F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en apply.cgi en el punto de acceso de ASUS RP-AC52 en su versi\u00f3n del firmware 1.0.1.1s y posiblemente anteriores, en la interfaz web; espec\u00edficamente en el par\u00e1metro action_script. El par\u00e1metro action_script especifica un script para que sea ejecutado si el par\u00e1metro action_mode no contiene un estado v\u00e1lido. Si la entrada proporcionada por action_script no coincide con una de las opciones embebidas, se ejecutar\u00e1 como el argumento de una llamada system() o eval(), lo que permite que se ejecuten comandos arbitrarios."
}
],
"id": "CVE-2016-6558",
"lastModified": "2024-11-21T02:56:21.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-13T20:29:00.847",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/93596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/93596"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-6558 (GCVE-0-2016-6558)
Vulnerability from cvelistv5
Published
2018-07-13 20:00
Modified
2024-08-06 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ASUS | RP-AC52 Access Point |
Version: 1.0.1.1s |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:28.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/93596"
},
{
"name": "VU#763843",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RP-AC52 Access Point",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "1.0.1.1s"
}
]
}
],
"datePublic": "2016-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-13T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "93596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/93596"
},
{
"name": "VU#763843",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to command injection",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6558",
"STATE": "PUBLIC",
"TITLE": "The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to command injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RP-AC52 Access Point",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "1.0.1.1s",
"version_value": "1.0.1.1s"
}
]
}
}
]
},
"vendor_name": "ASUS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93596",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/93596"
},
{
"name": "VU#763843",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/763843"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6558",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2016-08-03T00:00:00",
"dateUpdated": "2024-08-06T01:36:28.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6557 (GCVE-0-2016-6557)
Vulnerability from cvelistv5
Published
2018-07-13 20:00
Modified
2024-08-06 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ASUS | RP-AC52 Access Point |
Version: 1.0.1.1s |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:28.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/93596"
},
{
"name": "VU#763843",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RP-AC52 Access Point",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "1.0.1.1s"
}
]
}
],
"datePublic": "2016-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-13T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "93596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/93596"
},
{
"name": "VU#763843",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/763843"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to cross-site request forgery",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6557",
"STATE": "PUBLIC",
"TITLE": "The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to cross-site request forgery"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RP-AC52 Access Point",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "1.0.1.1s",
"version_value": "1.0.1.1s"
}
]
}
}
]
},
"vendor_name": "ASUS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93596",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/93596"
},
{
"name": "VU#763843",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/763843"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6557",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2016-08-03T00:00:00",
"dateUpdated": "2024-08-06T01:36:28.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}