Vulnerabilites related to asus - rt-ac66u
Vulnerability from fkie_nvd
Published
2015-01-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| t-mobile | tm-ac1900 | 3.0.0.4.376_3169 | |
| asus | wrt_firmware | 3.0.0.4.376.2524-g0012f52 | |
| asus | wrt_firmware | 3.0.0.4.376_1071 | |
| asus | rt-ac66u | * | |
| asus | rt-n66u | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*",
"matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCA7A1C-02A8-445A-B6AE-BB9C8FAF6E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:*:*:*:*:*:*:*",
"matchCriteriaId": "2156DB35-853F-4C69-89D6-4111FD849AD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "106D80BC-400A-4996-8A4E-68D3F24B200F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F88197-8E64-468C-8F36-281ED8E3716A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."
},
{
"lang": "es",
"value": "common.c en infosvr en ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, y otras versiones, utilizado en RT-AC66U, RT-N66U, y otros routers, no comprueba correctamente la direcci\u00f3n MAC para una solicitud, lo que permite a atacantes remotos evadir la autenticaci\u00f3n y ejecutar comandos arbitrarios a trav\u00e9s de un paquete NET_CMD_ID_MANU_CMD en el puerto UDP 9999. NOTA: este problema fue mapeado incorrectamente a CVE-2014-10000, pero este identificador es inv\u00e1lido debido a su uso como ejemplo de cambio de la sintaxis de identificadores de CVEs del 2014."
}
],
"id": "CVE-2014-9583",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-08T20:59:02.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/35688"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://github.com/jduck/asus-cmd"
},
{
"source": "cve@mitre.org",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/44524/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/35688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/jduck/asus-cmd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/44524/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-20 20:29
Modified
2024-11-21 04:14
Severity ?
Summary
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-ac51u_firmware | 3.0.0.4.380.8228 | |
| asus | rt-ac51u | - | |
| asus | rt-ac58u_firmware | 3.0.0.4.380.8228 | |
| asus | rt-ac58u | - | |
| asus | rt-ac66u_firmware | 3.0.0.4.380.8228 | |
| asus | rt-ac66u | - | |
| asus | rt-ac1750_firmware | 3.0.0.4.380.8228 | |
| asus | rt-ac1750 | - | |
| asus | rt-n12_d1_firmware | 3.0.0.4.380.8228 | |
| asus | rt-n12_d1 | - | |
| asus | rt-ac52u_b1_firmware | 3.0.0.4.380.10446 | |
| asus | rt-ac52u_b1 | - | |
| asus | rt-ac1200_firmware | 3.0.0.4.380.10446 | |
| asus | rt-ac1200 | - | |
| asus | rt-n600_firmware | 3.0.0.4.380.10446 | |
| asus | rt-n600 | - | |
| asus | rt-ac55u_firmware | 3.0.0.4.382.50276 | |
| asus | rt-ac55u | - | |
| asus | rt-ac55uhp_firmware | 3.0.0.4.382.50276 | |
| asus | rt-ac55uhp | - | |
| asus | rt-ac86u_firmware | 3.0.0.4.384.20648 | |
| asus | rt-ac86u | - | |
| asus | rt-acrh13_firmware | 3.0.0.4.380.8228 | |
| asus | rt-acrh13 | - | |
| asus | rt-ac2900_firmware | 3.0.0.4.384.20648 | |
| asus | rt-ac2900 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac51u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*",
"matchCriteriaId": "11CD0A73-1D7B-478F-9623-C913EB77BAD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac58u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*",
"matchCriteriaId": "8A255109-04A4-493E-99EA-79CC71073F88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50D22A86-7CA0-49EC-8B1D-47D6B7E8E15F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*",
"matchCriteriaId": "1FECFFE5-4BCB-4148-B314-C23F8D1C8C64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*",
"matchCriteriaId": "12588A08-D81C-497A-855C-996E07E0EE22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12_d1_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*",
"matchCriteriaId": "36E280DA-7FF8-4C2F-BA29-6004BA554C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12_d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEAAA78-FBF0-48CB-97EE-29DBFDDAFF2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*",
"matchCriteriaId": "FA8BCB1D-5830-409F-9F4B-8F88ABC50326",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac52u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "959BF67B-D5CF-4E55-981F-56149DCCC927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*",
"matchCriteriaId": "E26361D0-76A9-470A-A7CD-2596363AA21D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n600_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*",
"matchCriteriaId": "27ED9386-FCAF-4A65-BC49-BF3AFFAAD032",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac55u_firmware:3.0.0.4.382.50276:*:*:*:*:*:*:*",
"matchCriteriaId": "B442681B-A689-4BA5-8822-4E5702695C4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac55uhp_firmware:3.0.0.4.382.50276:*:*:*:*:*:*:*",
"matchCriteriaId": "0D65EFF2-CA44-4646-9426-E8B20E003B8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac55uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69102D-EF9E-4E84-B9FA-9049F7816E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4.384.20648:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B83576-E242-4B1A-889F-F92107575799",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-acrh13_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*",
"matchCriteriaId": "3AFF9167-5986-44D4-B6E2-B4320B07A478",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2900_firmware:3.0.0.4.384.20648:*:*:*:*:*:*:*",
"matchCriteriaId": "A36E10B1-D39D-44B7-9D01-8095D821EA53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2640D39-F0C3-49AA-87D1-F423150FDF2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Los routers ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13 y RT-N12 D1 con firmware anterior a 3.0.0.4.380.8228; los routers RT-AC52U B1, RT-AC1200 y RT-N600 con firmware anterior a 3.0.0.4.380.10446; los routers RT-AC55U y RT-AC55UHP con firmware anterior a 3.0.0.4.382.50276; los routers RT-AC86U y RT-AC2900 con firmware anterior a 3.0.0.4.384.20648; y posiblemente otros routers de la serie RT, permiten que atacantes remotos ejecuten c\u00f3digo arbitrario mediante vectores sin especificar."
}
],
"id": "CVE-2018-8826",
"lastModified": "2024-11-21T04:14:23.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-20T20:29:00.583",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-04 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*",
"matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B65300BF-25AB-4130-A6D3-27E673B47630",
"versionEndIncluding": "3.0.0.4.374.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F78791C6-23A8-41B6-A886-59A593165B8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0863AD7-F290-4201-BDD9-497C82517C75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "106D80BC-400A-4996-8A4E-68D3F24B200F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA91183-BE7D-4055-8707-1B11368D4435",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E2864C-6D9B-4D00-AB6A-82248DD82210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45140849-3F44-4866-850D-195B393F2849",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42BBB86A-961B-4529-8B74-CF6889156AB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F88197-8E64-468C-8F36-281ED8E3716A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image."
},
{
"lang": "es",
"value": "Los routers ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, y posiblemente otros de la serie RT anterior a firmware 3.0.0.4.376.x no verifica la integridad de (1) informaci\u00f3n de actualizaciones o (2) actualizaciones de descargas del firmware, lo que permite a atacantes man-in-the-middle (MITM) ejecutar c\u00f3digo arbitrario a trav\u00e9s de un imagen manipulado."
}
],
"id": "CVE-2014-2718",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-11-04T22:55:06.417",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/70791"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"source": "cve@mitre.org",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.t-mobile.com/docs/DOC-21994"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://starlabs.sg/advisories/18-20334/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20334/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | asuswrt | 3.0.0.4.384.20308 | |
| asus | gt-ac2900 | - | |
| asus | gt-ac5300 | - | |
| asus | gt-ax11000 | - | |
| asus | rt-ac1200 | - | |
| asus | rt-ac1200_v2 | - | |
| asus | rt-ac1200g | - | |
| asus | rt-ac1200ge | - | |
| asus | rt-ac1750 | - | |
| asus | rt-ac1750_b1 | - | |
| asus | rt-ac1900p | - | |
| asus | rt-ac3100 | - | |
| asus | rt-ac3200 | - | |
| asus | rt-ac51u | - | |
| asus | rt-ac5300 | - | |
| asus | rt-ac55u | - | |
| asus | rt-ac56r | - | |
| asus | rt-ac56s | - | |
| asus | rt-ac56u | - | |
| asus | rt-ac66r | - | |
| asus | rt-ac66u | - | |
| asus | rt-ac66u-b1 | - | |
| asus | rt-ac66u_b1 | - | |
| asus | rt-ac68p | - | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u | - | |
| asus | rt-ac87u | - | |
| asus | rt-ac88u | - | |
| asus | rt-acrh12 | - | |
| asus | rt-acrh13 | - | |
| asus | rt-ax3000 | - | |
| asus | rt-ax56u | - | |
| asus | rt-ax58u | - | |
| asus | rt-ax88u | - | |
| asus | rt-ax92u | - | |
| asus | rt-g32 | - | |
| asus | rt-n10\+d1 | - | |
| asus | rt-n10e | - | |
| asus | rt-n14u | - | |
| asus | rt-n16 | - | |
| asus | rt-n19 | - | |
| asus | rt-n56r | - | |
| asus | rt-n56u | - | |
| asus | rt-n600 | - | |
| asus | rt-n65u | - | |
| asus | rt-n66r | - | |
| asus | rt-n66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Al procesar los datos POST del archivo /start_apply.htm, se presenta un problema de inyecci\u00f3n de comandos por medio de metacaracteres de shell en el par\u00e1metro fb_email. Al usar este problema, un atacante puede controlar el enrutador y conseguir la shell."
}
],
"id": "CVE-2018-20334",
"lastModified": "2024-11-21T04:01:15.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-20T01:15:22.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20334/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20334/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-28 05:15
Modified
2024-11-21 05:38
Severity ?
Summary
ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-ac66u_firmware | 3.0.0.4.372_67 | |
| asus | rt-ac66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.372_67:*:*:*:*:*:*:*",
"matchCriteriaId": "2968E5E9-618F-4982-8E22-205C7B12BDA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature."
},
{
"lang": "es",
"value": "Los dispositivos ASUS WRT-AC66U 3 RT versi\u00f3n 3.0.0.4.372_67, permiten un ataque de tipo XSS por medio del campo Client Name en la funcionalidad Parental Control."
}
],
"id": "CVE-2020-7997",
"lastModified": "2024-11-21T05:38:10.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T05:15:11.447",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-28 21:15
Modified
2024-11-21 01:52
Severity ?
Summary
ASUS RT-N56U devices allow CSRF.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.securityfocus.com/archive/1/531194 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/archive/1/531194 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-n56u_firmware | 3.0.0.4.374_979 | |
| asus | rt-n56u | - | |
| asus | rt-n10u_firmware | 3.0.0.4.374_168 | |
| asus | rt-n10u | - | |
| asus | dsl-n55u_firmware | 3.0.0.4.374_1397 | |
| asus | dsl-n55u | - | |
| asus | rt-ac66u_firmware | 3.0.0.4.374_2050 | |
| asus | rt-ac66u | - | |
| asus | rt-n15u_firmware | 3.0.0.4.374_16 | |
| asus | rt-n15u | - | |
| asus | rt-n53_firmware | 3.0.0.4.374_311 | |
| asus | rt-n53 | - | |
| asus | rt-n16_firmware | 3.0.0.4.374_979 | |
| asus | rt-n16 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.374_979:*:*:*:*:*:*:*",
"matchCriteriaId": "71FB53A0-E6FE-44AB-9C58-3D171D014C89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n10u_firmware:3.0.0.4.374_168:*:*:*:*:*:*:*",
"matchCriteriaId": "829CAB34-EED3-4CE7-94D7-CAD9065F23EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n10u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4DE1E4-5956-47DE-A3E5-41BACE56ECDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:dsl-n55u_firmware:3.0.0.4.374_1397:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF2B1DD-066D-4CF0-8B20-4BB0004AEDC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:dsl-n55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B81970C5-B766-4D2E-91EE-ADD5A9B77FF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.374_2050:*:*:*:*:*:*:*",
"matchCriteriaId": "06072740-9813-463A-BE8D-005494458924",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n15u_firmware:3.0.0.4.374_16:*:*:*:*:*:*:*",
"matchCriteriaId": "373F0934-4234-4047-9FD1-100847A5BDF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n15u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1E024B-4966-43E5-882D-549E3DCF09FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n53_firmware:3.0.0.4.374_311:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B18E8F-EB3B-4766-8053-5C6890178305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5055A58-33A0-4CC4-A855-50ABE0A4F358",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.374_979:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDC5CE-25FC-489E-9E4C-88FC8C885576",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-N56U devices allow CSRF."
},
{
"lang": "es",
"value": "Los dispositivos ASUS RT-N56U, permiten un ataque de tipo CSRF."
}
],
"id": "CVE-2013-3093",
"lastModified": "2024-11-21T01:52:59.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T21:15:11.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/archive/1/531194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/archive/1/531194"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://starlabs.sg/advisories/18-20333/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20333/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | asuswrt | 3.0.0.4.384.20308 | |
| asus | gt-ac2900 | - | |
| asus | gt-ac5300 | - | |
| asus | gt-ax11000 | - | |
| asus | rt-ac1200 | - | |
| asus | rt-ac1200_v2 | - | |
| asus | rt-ac1200g | - | |
| asus | rt-ac1200ge | - | |
| asus | rt-ac1750 | - | |
| asus | rt-ac1750_b1 | - | |
| asus | rt-ac1900p | - | |
| asus | rt-ac3100 | - | |
| asus | rt-ac3200 | - | |
| asus | rt-ac51u | - | |
| asus | rt-ac5300 | - | |
| asus | rt-ac55u | - | |
| asus | rt-ac56r | - | |
| asus | rt-ac56s | - | |
| asus | rt-ac56u | - | |
| asus | rt-ac66r | - | |
| asus | rt-ac66u | - | |
| asus | rt-ac66u-b1 | - | |
| asus | rt-ac66u_b1 | - | |
| asus | rt-ac68p | - | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u | - | |
| asus | rt-ac87u | - | |
| asus | rt-ac88u | - | |
| asus | rt-acrh12 | - | |
| asus | rt-acrh13 | - | |
| asus | rt-ax3000 | - | |
| asus | rt-ax56u | - | |
| asus | rt-ax58u | - | |
| asus | rt-ax88u | - | |
| asus | rt-ax92u | - | |
| asus | rt-g32 | - | |
| asus | rt-n10\+d1 | - | |
| asus | rt-n10e | - | |
| asus | rt-n14u | - | |
| asus | rt-n16 | - | |
| asus | rt-n19 | - | |
| asus | rt-n56r | - | |
| asus | rt-n56u | - | |
| asus | rt-n600 | - | |
| asus | rt-n65u | - | |
| asus | rt-n66r | - | |
| asus | rt-n66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Un usuario no autenticado puede solicitar el archivo /update_applist.asp para visualizar si un dispositivo USB se encuentra adjunto al enrutador y si hay aplicaciones instaladas en el enrutador."
}
],
"id": "CVE-2018-20333",
"lastModified": "2024-11-21T04:01:15.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-20T01:15:22.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20333/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20333/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-05 12:15
Modified
2024-11-21 06:29
Severity ?
Summary
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/ | Product, Vendor Advisory | |
| cve@mitre.org | https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/ | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xd4s_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDAEEC5-E6E8-457E-8432-FD39D65BDEDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xd4s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3B20AB-5861-4E5F-B59E-F12D587D2AEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xt9_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "569711EA-9CBA-4B97-BC4C-B13C93DBB70F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xt9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "971A3BA4-5093-4B17-BEE6-039B12E3183E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xd5_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "46EC6E99-DE45-492E-8BC8-8D39018B07AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xd5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD83FAE-D0F5-4C4B-B731-A7E28AB38581",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_pro_et12_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "757EEF1F-E574-477F-A2CA-B8B69080EA30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_pro_et12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "126C4415-18E9-4989-88BE-BB46AD0BE096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi__pro_xt12_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D186B98E-4255-4D8D-BDDF-D14BD447FA32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi__pro_xt12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B77BF29C-750A-4305-89BA-D4889875D888",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ax_hybrid_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F0790420-3761-420D-B2ED-BD8D1B38A141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ax_hybrid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5CCBC4-423E-4C96-AF4A-1104ECA2E17B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_et8_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3F13E-1E01-4B29-B135-F279F802C2AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_et8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D08073-95DA-426F-94DD-3F820180CC1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xd6_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "106EA3E7-532A-40EB-A138-1C4214956278",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xd6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEAB3EB-28B7-4FB8-9ECA-3A671B51A776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ac_mini_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "55D8268F-E64E-4856-9443-0246941DA712",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ac_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "684A13D8-D0BA-499C-B3E3-E075BE05EABA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ax_mini_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "B51D8BA5-6047-4EDB-B642-2068941066F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ax_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2B95883-48B9-4182-A721-8EDBF844C480",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ax_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7E460687-9C49-40AC-8107-969820F90C51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54F3A1C0-2616-4E64-9704-78922DF22477",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ac_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "662CCFEE-DC9F-450D-BDC8-B185E9CD2DB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09478D87-D059-4C9B-83BB-22D55CFC9DB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "960791C1-B456-4DA8-B606-0988977DCE69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "25287F79-2607-402F-879C-920360FAFA76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7D226F86-D73A-482A-ABBD-48FDB755D137",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax89x_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9DE7A3-F8B0-4785-ACAE-165F304BFF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax89x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F98D091B-BE82-4ED0-BA8F-DECF15A9D119",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax92u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B5A898-D537-4E75-AB7A-B8311F1DF94D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax86u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "84A5D3AF-D0F6-4B91-9B66-38215156F733",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB28700C-02EB-46D0-9BAD-833CE4790264",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax68u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "2C03B276-5913-4EF3-9EE6-2FEA71998FAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7D226F86-D73A-482A-ABBD-48FDB755D137",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax3000_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "A15CDE16-255C-4A40-94A7-95C788FB2BE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax58u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBE622D-B408-44B2-B7C6-24D57539FB9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax55_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "1A169487-AD9E-4F63-87EB-673B0341B890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3B2034-A825-4EE4-926F-7D871B6F9A35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "34BF10C4-7822-42F6-B114-87C5EB78BFA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "609655F3-B9AE-4075-A351-9B36195541AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rog_rapture_gt-ac5300_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F1C8AB-0A44-454A-9149-86559022F42E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rog_rapture_gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06FA8797-3675-479A-AFBB-AC4F25B439CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rog_rapture_gt-ax11000_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "ED377F42-5880-487E-A942-EC9B109CB69D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rog_rapture_gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "990862C8-4B83-4C35-88E2-91186E52C6D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rog_rapture_gt-ac2900_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C9153836-7577-44AE-ACD1-DC8991A77D28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rog_rapture_gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9DBAB2-B19E-44DC-AAB8-964E3552D6FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1300uhp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8FFBE7-4B92-488A-915B-1C5598D81FD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1300uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54B97C8-B312-4A17-BBF1-7381D28912B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1300g\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1E8C93-1633-4118-85FA-120B962AE214",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1300g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECDCBA1-4198-40C0-B9D7-170BC2AB8261",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:tuf_gaming_ax5400_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0D790FA3-E1B3-46CE-BB52-611CC4CF91A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:tuf_gaming_ax5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E77AB7A-918A-4337-A757-CD1083CCCDF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:tuf_gaming_ax3000_v2_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7497F325-BD79-432B-82E0-628CA7E51CA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:tuf_gaming_ax3000_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B78882B-11A8-46D9-A425-1ACAE6EF7CDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "E1864563-DEBF-412B-8763-58161F6D309D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac5300_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEA8F8C-0A72-42C9-A456-A9A4CACD2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200g_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBF2427-0F6A-461B-8B03-D23A6C3BF404",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200hp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "850E8DCA-6B59-4F03-97B8-0A332B025987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37EA4BB5-7F63-4CD5-9F66-7EC0BB901FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200g\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2F3B5D-C56E-4391-A71B-C1B58E308FBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0A7BAC-63CD-4758-9463-211574486A45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200e_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "458E3EB7-EF12-43BD-8956-9E892C886AAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28248D9F-07A8-4FBF-818D-B76DB38854FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200gu_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "52D88F76-7B33-4B37-B057-D1B7F7A8D363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200gu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1CC84A-95E3-4F28-B831-040619426244",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac3100_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "2915225A-086C-4585-BF59-D6E075C78197",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac58u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "5E50CFD0-2B4C-4D77-9A32-03D0474D91E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50D22A86-7CA0-49EC-8B1D-47D6B7E8E15F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac88u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "8C33813E-EA85-4F4E-9FE7-997267884BB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac56u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "775AB1CB-F843-4262-AB43-BC13AA298CEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac56r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C72E066D-30CB-49E9-8C10-7C4C453E2813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac56s_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCD73E0-9220-49F9-AA7B-B2AF132051CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac3200_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "3303372F-E52E-4756-B205-773B77DCC24B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac55u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "8F75EF51-9844-4D74-884A-7C04AFF6C310",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2900_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C9E5F6-5402-427C-A85F-D82B0D4E1DF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2640D39-F0C3-49AA-87D1-F423150FDF2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac55uhp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAA43C6-2DBA-4ADF-8773-9C25A0DDEE9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac55uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69102D-EF9E-4E84-B9FA-9049F7816E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2600_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC73139-1865-4E6C-9A4F-E4F79B1FE9CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "985B5B75-7936-413C-A4DD-608E1378718A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac53_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "116B31F2-6DCD-4342-BE0C-7FCADEBBAF87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09FFA25-CEE0-4529-A4F3-A93D23CB26F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2400_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "3926212A-CA52-48FD-BE4D-A1B656BCF133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56484DE8-0DBE-40E5-A652-8438CD1EF9A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "6845A682-26C6-4E80-B0F4-B400B1EB7AC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac52u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "959BF67B-D5CF-4E55-981F-56149DCCC927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2200_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F84B7-B8D0-4A7D-ACE4-EBA4FDADF85E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0ADA8C-58FE-4EDD-B979-FF02639A79A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac51u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C1525164-721B-4A5D-8BC1-036CEF01AA72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac51u\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "4E3F816D-560D-4B7F-8CC0-CED83EB6C45B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac51u\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A56B3D13-D0A5-482C-9E40-173EF23DA849",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac87u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "958A0324-8CEE-433D-9E10-FBFFF83B5D2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac87r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BD3267-CA06-4AF0-838C-6022242B0A9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac87r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34D91D22-049E-46BB-A85D-D9FDD81BCAB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-acrh17_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "049ACFBB-76CE-450F-8F33-5C5CAE3FCF36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-acrh17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137B2237-4581-4894-A36A-DE49C96CB80F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E1E2F-BDFF-43CB-ACED-90386148F25E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-acrh13_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F2C90-9924-4A5B-B480-9359D65D4997",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac85u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C28ADB3C-23C9-463C-9005-4641B3D54817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac85u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40933EE3-E7D1-438E-B551-892D20042593",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D653C25C-CE16-4CFA-9D14-790D95B9E3A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "90714873-F25D-498F-B4B8-09F0BD3810E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66w_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "549EF224-94AE-4226-88D2-DB70671B5EFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB181BD-4C90-44F4-9E43-1230C2455243",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66c1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6EA4E6-F589-43A1-BB57-995F8A79CBA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66c1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B08A821-2DDD-4B4E-991D-7A683073D3F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac85p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "822329E4-C623-444A-84D1-0B729E0D82C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac85p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D268AD1-5F24-46CE-8E23-B24ECE6D049A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n18u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "A2284A76-5377-42B1-A7FB-21718E3623B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n18u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB744DE5-64DB-4EFF-A23C-EE9BB57A36C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac65p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "08853311-7B1D-475E-BF65-4C833DE6B865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac65p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9BA5F5-E43D-4187-9BED-4A71BA4E4974",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n19_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "006A39FA-D10A-47DB-8EA8-1F7735CDE42B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac57u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D118329C-B834-4D68-8A11-46771DC2EA7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac57u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F42D43F-C52B-4809-9E08-5F908DF0E67D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n14uhp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "06E53E35-1576-470B-9CBB-9D59B9332A7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n14uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76A8DF-A914-4700-8EE2-29CD4205F4B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6A2CA4-91BB-4500-8733-9205E7FFB3D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "97254DEB-10C1-4020-8E7A-E2088A774DB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2F0504-2FB5-4983-BD98-8080D4BF49DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA9DBF2-5A51-47D3-A428-6E20D8472EAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68w_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "264E599A-8E85-43B7-90AF-B6CE6441B992",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB2F5A0-ADD6-4725-8B27-F10B5F4CEC6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68uf_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "4D207FED-F8B3-4330-B79C-CA28485B6B41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68uf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85422660-7559-4ED0-8ED3-DF928C50FD4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12e_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0921E20F-8495-4543-B202-A362E8ADB8F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12e_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "992A3E02-BBC4-4738-AF26-5278E31F1F08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12e_c1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9E35F7-FAD2-4941-98C7-2AE5FCC0881A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12e_c1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D17BCFEC-0436-48F0-BE18-3A2018D0A5C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac65u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CC243-6267-4AB0-824E-96FE4C21284B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75F69BB5-8269-4E72-9BDE-60964F833C99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12hp_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D4E0FF-1E2C-4576-B5AB-B9A1ABECDF9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12hp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2DDFE-344F-4A69-B347-0A29512EE5BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "109295F0-5525-449A-991C-18004AAEFCB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E715D86-A7FC-415E-8C13-1ACAF9C49C3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12vp_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "E69AA872-568F-4F6D-9715-1ED1A4E2C8D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12vp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB81E20-E712-4F44-832C-8A7503316164",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "B344B5B3-D690-4639-815C-62B6024D5B56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C38788F7-3288-47B3-8793-98E16D7D758A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E285091-0B5F-43AE-A59C-4D3439E77053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12\\+_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "83A102DA-FA2E-4F02-890B-1BAA599A16FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12\\+_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C77F3227-992F-4F53-86CC-DDD842B6C6C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "78B5BD13-0EA3-465A-BF46-21A242CF6977",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12d1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "394D1205-366E-4F95-9D84-F083F61B24CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E99301-3EC0-4E09-AB00-A0AB1AC0AA97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1750_b1__firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD5E72B-CF7A-4EAB-9F4C-64BE953029F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D10D10-1F57-4157-89BD-A711D3024B10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:4g-ac53u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBED666-37F7-49B4-BBDB-7999FC82AF12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:4g-ac53u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3381A1-5169-4DA9-BC6F-8FDBD7090FC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "18ED9E0E-2E5A-4FB0-86A8-E452D385F8B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "41A6A080-7612-4AF2-AF1E-339E00B9A889",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66w_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4ECE7F-6173-4637-85DF-7B44EA41FFA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D988AC4-60B7-4388-8589-A04CACC2CB31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:4g-ac68u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "5250DC13-AC0E-4E95-9450-AAF420E5E2C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:4g-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46317EAB-C1A9-4811-9DB4-767A58E92A3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
},
{
"lang": "es",
"value": "ASUS RT-A88U versi\u00f3n 3.0.0.4.386_45898 es vulnerable a un ataque de tipo Cross Site Scripting (XSS).\u0026#xa0;El panel de administraci\u00f3n del enrutador ASUS no desinfecta los registros de WiFI correctamente, si un atacante pudiera cambiar el SSID del enrutador con una carga \u00fatil personalizada, podr\u00eda obtener XSS almacenado en el dispositivo"
}
],
"id": "CVE-2021-43702",
"lastModified": "2024-11-21T06:29:39.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-05T12:15:07.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 09:59
Modified
2025-04-20 01:37
Severity ?
Summary
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers | Press/Media Coverage | |
| cve@mitre.org | https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers | Press/Media Coverage | |
| af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-ac66u_firmware | - | |
| asus | rt-ac66u | - | |
| trendnet | tew-812dru_firmware | - | |
| trendnet | tew-812dru | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FFDE31E-5C68-4DC7-9B4A-C19F1719CA91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:trendnet:tew-812dru_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A912D3-05B3-4A84-A0C9-743BC059A57E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:trendnet:tew-812dru:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28DC340B-27D7-4F13-A544-E8256159C2D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Broadcom ACSD permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga al puerto TCP 5916. Este componente es utilizado en routers de m\u00faltiples vendedores incluyendo ASUS RT-AC66U y TRENDnet TEW-812DRU."
}
],
"id": "CVE-2013-4659",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T09:59:00.160",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
],
"url": "http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage"
],
"url": "http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-04 19:29
Modified
2024-11-21 04:15
Severity ?
Summary
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-ac66u_firmware | * | |
| asus | rt-ac66u | - | |
| asus | rt-ac68u_firmware | * | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u_firmware | * | |
| asus | rt-ac86u | - | |
| asus | rt-ac88u_firmware | * | |
| asus | rt-ac88u | - | |
| asus | rt-ac1900_firmware | * | |
| asus | rt-ac1900 | - | |
| asus | rt-ac2900_firmware | * | |
| asus | rt-ac2900 | - | |
| asus | rt-ac3100_firmware | * | |
| asus | rt-ac3100 | - | |
| asus | rt-n18u_firmware | * | |
| asus | rt-n18u | - | |
| asus | rt-ac87u_firmware | * | |
| asus | rt-ac87u | - | |
| asus | rt-ac3200_firmware | * | |
| asus | rt-ac3200 | - | |
| asus | rt-ac5300_firmware | * | |
| asus | rt-ac5300 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3C6A2A-0B2A-4B80-BEAA-87AE8E40A7A4",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6D75D0-EE44-4164-89F0-E04D62E45AA9",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96AD1247-EA76-4E9C-B992-6F3D369F7B33",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac88u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91CD50CE-4A9F-420D-A6C6-846790A8B015",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8E6D66-1D74-42EC-83D7-68D45C4E6CDF",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E715D86-A7FC-415E-8C13-1ACAF9C49C3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA924A6-9525-498B-9803-64149D077B0B",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2640D39-F0C3-49AA-87D1-F423150FDF2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2484D33-5279-433B-A61F-EF91F9499DD5",
"versionEndExcluding": "3.0.0.4.384.10007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n18u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "470121E9-650D-4183-B03B-CB58110708C5",
"versionEndExcluding": "3.0.0.4.382.39935",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n18u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB744DE5-64DB-4EFF-A23C-EE9BB57A36C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac87u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A04F3F-8DF0-4D0A-95DB-DA2004BE280E",
"versionEndExcluding": "3.0.0.4.382.50010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "532AC95B-6B12-48F2-A556-F1729D10D839",
"versionEndExcluding": "3.0.0.4.382.50010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61D77199-A591-4194-95A1-298572A753B4",
"versionEndExcluding": "3.0.0.4.384.20287",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
},
{
"lang": "es",
"value": "Main_Analysis_Content.asp en /apply.cgi en dispositivos ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900 y en dispositivos RT-AC3100 en versiones anteriores a la 3.0.0.4.384_10007; dispositivos RT-N18U en versiones anteriores a la 3.0.0.4.382.39935; dispositivos RT-AC87U y RT-AC3200 en versiones anteriores a la 3.0.0.4.382.50010; y dispositivos RT-AC5300 en versiones anteriores a la 3.0.0.4.384.20287 permite la inyecci\u00f3n de comandos del sistema operativo mediante los campos pingCNT y destIP de la variable SystemCmd."
}
],
"id": "CVE-2018-9285",
"lastModified": "2024-11-21T04:15:17.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-04T19:29:00.687",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://starlabs.sg/advisories/18-20335/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20335/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | asuswrt | 3.0.0.4.384.20308 | |
| asus | gt-ac2900 | - | |
| asus | gt-ac5300 | - | |
| asus | gt-ax11000 | - | |
| asus | rt-ac1200 | - | |
| asus | rt-ac1200_v2 | - | |
| asus | rt-ac1200g | - | |
| asus | rt-ac1200ge | - | |
| asus | rt-ac1750 | - | |
| asus | rt-ac1750_b1 | - | |
| asus | rt-ac1900p | - | |
| asus | rt-ac3100 | - | |
| asus | rt-ac3200 | - | |
| asus | rt-ac51u | - | |
| asus | rt-ac5300 | - | |
| asus | rt-ac55u | - | |
| asus | rt-ac56r | - | |
| asus | rt-ac56s | - | |
| asus | rt-ac56u | - | |
| asus | rt-ac66r | - | |
| asus | rt-ac66u | - | |
| asus | rt-ac66u-b1 | - | |
| asus | rt-ac66u_b1 | - | |
| asus | rt-ac68p | - | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u | - | |
| asus | rt-ac87u | - | |
| asus | rt-ac88u | - | |
| asus | rt-acrh12 | - | |
| asus | rt-acrh13 | - | |
| asus | rt-ax3000 | - | |
| asus | rt-ax56u | - | |
| asus | rt-ax58u | - | |
| asus | rt-ax88u | - | |
| asus | rt-ax92u | - | |
| asus | rt-g32 | - | |
| asus | rt-n10\+d1 | - | |
| asus | rt-n10e | - | |
| asus | rt-n14u | - | |
| asus | rt-n16 | - | |
| asus | rt-n19 | - | |
| asus | rt-n56r | - | |
| asus | rt-n56u | - | |
| asus | rt-n600 | - | |
| asus | rt-n65u | - | |
| asus | rt-n66r | - | |
| asus | rt-n66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Un usuario no autenticado puede desencadenar una DoS del servicio httpd por medio del URI /APP_Installation.asp?=."
}
],
"id": "CVE-2018-20335",
"lastModified": "2024-11-21T04:01:15.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-20T01:15:22.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20335/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20335/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-26 12:05
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC5E8AB-ADD3-4C8D-ABAB-6D899174280E",
"versionEndIncluding": "3.0.0.4.354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.140:*:*:*:*:*:*:*",
"matchCriteriaId": "A946A449-7623-48FE-878A-E17DA2F41A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.220:*:*:*:*:*:*:*",
"matchCriteriaId": "A023852A-84B7-4937-886D-8893CD778DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.246:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8B4AB-0EF4-4963-AE20-F4F1C3ABFC26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
"matchCriteriaId": "553DE051-C59F-4B16-A733-C2055B14DB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.270:*:*:*:*:*:*:*",
"matchCriteriaId": "37AE944A-EF53-4F57-8A86-7DE209F00D17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C801E60F-6D3D-4179-AA38-1268338C03DE",
"versionEndIncluding": "3.0.0.4.370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272:*:*:*:*:*:*:*",
"matchCriteriaId": "82C3DA99-69D6-4C2D-B485-7785EEDA38F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n65u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4769A7-BFC5-43DF-9FEE-14CC9BB8BD4F",
"versionEndIncluding": "3.0.0.4.346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.134:*:*:*:*:*:*:*",
"matchCriteriaId": "02E9974C-F3E1-4145-865F-974982804823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.176:*:*:*:*:*:*:*",
"matchCriteriaId": "B3979CD4-DFBC-460C-8E92-879F7C355D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA3F63E-F4FA-4066-AEA0-B1149E4B1190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.334:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9A77E0-1CC3-4E07-B99A-8DC750C982F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.342:*:*:*:*:*:*:*",
"matchCriteriaId": "642056A2-9B4E-465C-8333-392C70D658AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n14u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3FB0ED-9BF8-4F77-AEA0-536A961CE5F5",
"versionEndIncluding": "3.0.0.4.356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.322:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A0A4C1-226A-42D5-A728-CBB7D2B02A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE3A93F2-C6C1-48F9-9273-3A322A8951A8",
"versionEndIncluding": "3.0.0.4.354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:1.0.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C76611FB-9811-48E5-8F16-824A15CFC226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:1.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6887911A-9CD0-419C-AE2E-932F8AD179DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.108:*:*:*:*:*:*:*",
"matchCriteriaId": "65D943A4-CD5D-4381-8C4F-FF4FC600F226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.162:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA3CD4B-B518-459B-AFF5-CCFF47D3BAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.178:*:*:*:*:*:*:*",
"matchCriteriaId": "939D788D-BFF7-4DEB-8C47-751532E4AC36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.220:*:*:*:*:*:*:*",
"matchCriteriaId": "DF6BBB0E-D69B-4854-8A5C-D6C20ABB857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.246:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1CCB22-3D8D-4618-819B-2EA14C42A4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
"matchCriteriaId": "715FFC31-33A1-469E-BF65-4749F6643EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n16_firmware:7.0.2.38b:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0EAF76-C2F8-4AD5-BF3D-0922DEED7B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3027E138-144F-4E36-8C6C-E4A3E71CB1E7",
"versionEndIncluding": "3.0.0.4.360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8E3CB7-1ADA-428C-881F-BB266991F39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o:*:*:*:*:*:*:*",
"matchCriteriaId": "699F6C57-F1AE-4AF5-BF56-529D41C91068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "F17E0B8C-7BA1-4FC5-84EC-4FFC87A9AC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f:*:*:*:*:*:*:*",
"matchCriteriaId": "69C68ABB-391D-45D8-9250-D93F8BFE305C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j:*:*:*:*:*:*:*",
"matchCriteriaId": "D1FDDF9C-4C30-4AAC-9449-7404181071B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE8F24A-837B-4198-B8F6-E42386D2F524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n:*:*:*:*:*:*:*",
"matchCriteriaId": "14A9D580-ACD6-4F2F-9322-E6B4C72C8BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318:*:*:*:*:*:*:*",
"matchCriteriaId": "E2660735-2247-42D9-9BAA-D785D18E6F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.334:*:*:*:*:*:*:*",
"matchCriteriaId": "401BB537-95FB-4BFB-BC40-CD73817D7E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.342:*:*:*:*:*:*:*",
"matchCriteriaId": "04A7CA72-DFAD-4E9A-BB3E-EAE9973C19C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "64BCA764-5BAD-4CAB-B39F-A1D67E44EDA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF40558-B7F8-4A2B-9819-EE3DD2C183AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:8.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D82C1-764C-4DF0-B296-964602D0EC54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:dsl-n56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6573DB51-CD36-4F99-82D6-EE52CA0E5136",
"versionEndIncluding": "3.0.0.4.364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:dsl-n56u_firmware:1.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3A02DC87-A0B4-460F-BE23-AFF51F52427C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:dsl-n56u_firmware:3.0.0.4.188:*:*:*:*:*:*:*",
"matchCriteriaId": "AE119718-A2F2-47A8-869F-3229A788EB04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:asus:dsl-n56u_firmware:3.0.0.4.314:*:*:*:*:*:*:*",
"matchCriteriaId": "5199B461-E2F0-4F35-963E-B3716AB5A04E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:dsl-n55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B81970C5-B766-4D2E-91EE-ADD5A9B77FF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en la caracter\u00edstica AiCloud de los ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, y DSL-N55U con firmware anteriores a v3.0.4.372 tienen impacto y vectores de ataque desconocidos."
}
],
"id": "CVE-2013-4937",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-26T12:05:40.867",
"references": [
{
"source": "cve@mitre.org",
"url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
},
{
"source": "cve@mitre.org",
"url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 16:15
Modified
2024-11-21 04:14
Severity ?
Summary
Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://pagedout.institute/download/PagedOut_001_beta1.pdf | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pagedout.institute/download/PagedOut_001_beta1.pdf | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-ac66u_firmware | * | |
| asus | rt-ac66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E89720D-90F4-443E-8875-90B365A5D650",
"versionEndExcluding": "3.0.0.4.382.50470",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el firmware Asuswrt-Merlin para dispositivos ASUS versiones anteriores a 384.4 y el firmware ASUS versiones anteriores a 3.0.0.4.382.50470 para dispositivos, permite a atacantes remotos ejecutar c\u00f3digo arbitrario al proporcionar una cadena larga en la p\u00e1gina block.asp por medio de una petici\u00f3n GET o POST. Los par\u00e1metros vulnerables son flag, mac y cat_id."
}
],
"id": "CVE-2018-8879",
"lastModified": "2024-11-21T04:14:30.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T16:15:11.720",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://pagedout.institute/download/PagedOut_001_beta1.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://pagedout.institute/download/PagedOut_001_beta1.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-13 15:15
Modified
2024-11-21 01:56
Severity ?
Summary
Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.ise.io/casestudies/exploiting-soho-routers/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.ise.io/soho_service_hacks/ | Third Party Advisory | |
| cve@mitre.org | https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ise.io/casestudies/exploiting-soho-routers/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ise.io/soho_service_hacks/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | rt-ac66u_firmware | - | |
| asus | rt-ac66u | - | |
| asus | rt-n56u_firmware | - | |
| asus | rt-n56u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FFDE31E-5C68-4DC7-9B4A-C19F1719CA91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30CAB8E5-7FB5-48CD-B68A-1ACE07E8EA8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Salto de Enlace Simb\u00f3lico en ASUS RT-AC66U y RT-N56U debido a una configuraci\u00f3n inapropiada en el servicio SMB."
}
],
"id": "CVE-2013-4656",
"lastModified": "2024-11-21T01:56:00.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-13T15:15:09.963",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-22 05:22
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | tm-ac1900_firmware | 3.0.0.4..374_979 | |
| asus | tm-ac1900 | - | |
| asus | rt-n56u_firmware | 3.0.0.4..374_979 | |
| asus | rt-n56u | - | |
| asus | rt-ac66u_firmware | 3.0.0.4..374_979 | |
| asus | rt-ac66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:tm-ac1900_firmware:3.0.0.4..374_979:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD9DC72-BBEA-4152-9109-2C0136832B4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:tm-ac1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BB1518-24C4-4822-A040-9AB8F16B1C53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4..374_979:*:*:*:*:*:*:*",
"matchCriteriaId": "5D76427C-05A6-475E-A199-3E86683CF266",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4..374_979:*:*:*:*:*:*:*",
"matchCriteriaId": "446DE8B4-C6E2-4292-8CD5-D890515E9F6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en web.c de httpd en routers ASUS RT-N56U y RT-AC66U con firmware 3.0.0.4.374_979 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de par\u00e1metros (1) apps_name o (2) apps_flag hacia APP_Installation.asp."
}
],
"id": "CVE-2013-6343",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-22T05:22:12.737",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://infosec42.blogspot.com/2014/01/exploit-asus-rt-n56u-remote-root-shell.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/102267"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/31033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/65046"
},
{
"source": "cve@mitre.org",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://infosec42.blogspot.com/2014/01/exploit-asus-rt-n56u-remote-root-shell.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/31033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.t-mobile.com/docs/DOC-21994"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-8879 (GCVE-0-2018-8879)
Vulnerability from cvelistv5
Published
2019-11-21 15:26
Modified
2024-08-05 07:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:46.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pagedout.institute/download/PagedOut_001_beta1.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T15:26:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pagedout.institute/download/PagedOut_001_beta1.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS",
"refsource": "MISC",
"url": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS"
},
{
"name": "https://pagedout.institute/download/PagedOut_001_beta1.pdf",
"refsource": "MISC",
"url": "https://pagedout.institute/download/PagedOut_001_beta1.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-8879",
"datePublished": "2019-11-21T15:26:03",
"dateReserved": "2018-03-20T00:00:00",
"dateUpdated": "2024-08-05T07:10:46.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8826 (GCVE-0-2018-8826)
Vulnerability from cvelistv5
Published
2018-04-20 20:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:26.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-20T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
},
{
"name": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/",
"refsource": "CONFIRM",
"url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-8826",
"datePublished": "2018-04-20T20:00:00",
"dateReserved": "2018-03-20T00:00:00",
"dateUpdated": "2024-08-05T07:02:26.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6343 (GCVE-0-2013-6343)
Vulnerability from cvelistv5
Published
2014-01-22 02:00
Modified
2024-08-06 17:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://infosec42.blogspot.com/2014/01/exploit-asus-rt-n56u-remote-root-shell.html"
},
{
"name": "102267",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"name": "31033",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31033"
},
{
"name": "65046",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://infosec42.blogspot.com/2014/01/exploit-asus-rt-n56u-remote-root-shell.html"
},
{
"name": "102267",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"name": "31033",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31033"
},
{
"name": "65046",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65046"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://infosec42.blogspot.com/2014/01/exploit-asus-rt-n56u-remote-root-shell.html",
"refsource": "MISC",
"url": "http://infosec42.blogspot.com/2014/01/exploit-asus-rt-n56u-remote-root-shell.html"
},
{
"name": "102267",
"refsource": "OSVDB",
"url": "http://osvdb.org/102267"
},
{
"name": "https://support.t-mobile.com/docs/DOC-21994",
"refsource": "CONFIRM",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"name": "31033",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31033"
},
{
"name": "65046",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65046"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6343",
"datePublished": "2014-01-22T02:00:00",
"dateReserved": "2013-11-01T00:00:00",
"dateUpdated": "2024-08-06T17:39:01.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20334 (GCVE-0-2018-20334)
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:18.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/18-20334/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T00:11:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://starlabs.sg/advisories/18-20334/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://starlabs.sg/advisories/18-20334/",
"refsource": "MISC",
"url": "https://starlabs.sg/advisories/18-20334/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20334",
"datePublished": "2020-03-20T00:11:06",
"dateReserved": "2018-12-21T00:00:00",
"dateUpdated": "2024-08-05T11:58:18.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4659 (GCVE-0-2013-4659)
Vulnerability from cvelistv5
Published
2017-03-14 09:02
Modified
2024-08-06 16:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:26.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T08:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/122562/ASUS-RT-AC66U-ACSD-Remote-Root-Buffer-Overflow.html"
},
{
"name": "http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers",
"refsource": "MISC",
"url": "http://www.linux-magazine.com/Issues/2014/161/Security-and-SOHO-Routers"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4659",
"datePublished": "2017-03-14T09:02:00",
"dateReserved": "2013-06-24T00:00:00",
"dateUpdated": "2024-08-06T16:52:26.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9285 (GCVE-0-2018-9285)
Vulnerability from cvelistv5
Published
2018-04-04 19:00
Modified
2024-08-05 07:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:52.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-13T17:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html",
"refsource": "MISC",
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"name": "https://fortiguard.com/zeroday/FG-VD-17-216",
"refsource": "MISC",
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"name": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9285",
"datePublished": "2018-04-04T19:00:00",
"dateReserved": "2018-04-04T00:00:00",
"dateUpdated": "2024-08-05T07:17:52.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43702 (GCVE-0-2021-43702)
Vulnerability from cvelistv5
Published
2022-07-05 11:50
Modified
2024-08-04 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-05T11:50:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-43702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
"refsource": "MISC",
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
"refsource": "MISC",
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43702",
"datePublished": "2022-07-05T11:50:03",
"dateReserved": "2021-11-15T00:00:00",
"dateUpdated": "2024-08-04T04:03:08.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20333 (GCVE-0-2018-20333)
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:19.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/18-20333/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T00:11:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://starlabs.sg/advisories/18-20333/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://starlabs.sg/advisories/18-20333/",
"refsource": "MISC",
"url": "https://starlabs.sg/advisories/18-20333/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20333",
"datePublished": "2020-03-20T00:11:15",
"dateReserved": "2018-12-21T00:00:00",
"dateUpdated": "2024-08-05T11:58:19.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2718 (GCVE-0-2014-2718)
Vulnerability from cvelistv5
Published
2014-11-04 22:00
Modified
2024-08-06 10:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:36.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"name": "asus-cve20142718-mitm(98316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"name": "70791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"name": "asus-cve20142718-mitm(98316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"name": "70791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"name": "asus-cve20142718-mitm(98316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"name": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"name": "https://support.t-mobile.com/docs/DOC-21994",
"refsource": "CONFIRM",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"name": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html",
"refsource": "MISC",
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"name": "70791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2718",
"datePublished": "2014-11-04T22:00:00",
"dateReserved": "2014-04-01T00:00:00",
"dateUpdated": "2024-08-06T10:21:36.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7997 (GCVE-0-2020-7997)
Vulnerability from cvelistv5
Published
2020-01-28 04:33
Modified
2024-08-04 09:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T04:33:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-7997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68",
"refsource": "MISC",
"url": "https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-7997",
"datePublished": "2020-01-28T04:33:24",
"dateReserved": "2020-01-26T00:00:00",
"dateUpdated": "2024-08-04T09:48:25.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20335 (GCVE-0-2018-20335)
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:18.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/18-20335/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T00:11:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://starlabs.sg/advisories/18-20335/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://starlabs.sg/advisories/18-20335/",
"refsource": "MISC",
"url": "https://starlabs.sg/advisories/18-20335/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20335",
"datePublished": "2020-03-20T00:11:09",
"dateReserved": "2018-12-21T00:00:00",
"dateUpdated": "2024-08-05T11:58:18.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4937 (GCVE-0-2013-4937)
Vulnerability from cvelistv5
Published
2013-07-26 10:00
Modified
2024-09-17 02:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-26T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://reviews.cnet.com/8301-3132_7-57594003-98",
"refsource": "MISC",
"url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
},
{
"name": "http://twitter.com/ASUSUSA/statuses/357612236392509440",
"refsource": "CONFIRM",
"url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4937",
"datePublished": "2013-07-26T10:00:00Z",
"dateReserved": "2013-07-26T00:00:00Z",
"dateUpdated": "2024-09-17T02:46:42.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3093 (GCVE-0-2013-3093)
Vulnerability from cvelistv5
Published
2020-01-28 20:13
Modified
2024-08-06 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ASUS RT-N56U devices allow CSRF.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/archive/1/531194"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-N56U devices allow CSRF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T20:13:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/archive/1/531194"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-N56U devices allow CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.securityfocus.com/archive/1/531194",
"refsource": "MISC",
"url": "https://www.securityfocus.com/archive/1/531194"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3093",
"datePublished": "2020-01-28T20:13:17",
"dateReserved": "2013-04-17T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9583 (GCVE-0-2014-9583)
Vulnerability from cvelistv5
Published
2015-01-08 20:00
Modified
2024-08-06 13:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35688",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35688"
},
{
"name": "44524",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44524/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jduck/asus-cmd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-26T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35688",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35688"
},
{
"name": "44524",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44524/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jduck/asus-cmd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35688",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35688"
},
{
"name": "44524",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44524/"
},
{
"name": "https://support.t-mobile.com/docs/DOC-21994",
"refsource": "CONFIRM",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"name": "https://github.com/jduck/asus-cmd",
"refsource": "MISC",
"url": "https://github.com/jduck/asus-cmd"
},
{
"name": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9583",
"datePublished": "2015-01-08T20:00:00",
"dateReserved": "2015-01-08T00:00:00",
"dateUpdated": "2024-08-06T13:47:41.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4656 (GCVE-0-2013-4656)
Vulnerability from cvelistv5
Published
2019-11-13 14:44
Modified
2024-08-06 16:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:26.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T14:44:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ise.io/casestudies/exploiting-soho-routers/",
"refsource": "MISC",
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"name": "https://www.ise.io/soho_service_hacks/",
"refsource": "MISC",
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"name": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf",
"refsource": "MISC",
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4656",
"datePublished": "2019-11-13T14:44:05",
"dateReserved": "2013-06-24T00:00:00",
"dateUpdated": "2024-08-06T16:52:26.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}