RSS   Vulnerabilities for 'Asuswrt'   RSS

2018-01-31
 
CVE-2017-15656

CWE-522
 

 
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt.

 
 
CVE-2017-15654

CWE-330
 

 
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access.

 
 
CVE-2017-15653

CWE-613
 

 
Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string.

 
2018-01-22
 
CVE-2018-6000

CWE-862
 

 
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.

 
 
CVE-2018-5999

CWE-noinfo
 

 
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.

 

 >>> Vendor: ASUS 84 Products
Video security online
Remote console
Smartlogon
Asus wl-330ge
Asus wl-500w
Rt-n56u firmware
Rt-n56u
Ipswcom activex component
Net4switch
Rt-ac66u
Rt-n14u
Rt-n16u
Rt-n65u
Rt-n66u
Rt-ac66u firmware
Rt-n14u firmware
Rt-n16 firmware
Rt-n65u firmware
Rt-n66u firmware
Rt-n10e
Rt-n10e firmware
Wl-330nul
Rt-ac68u
Rt-ac68u firmware
Rt firmware
Rt series firmware
Wrt firmware
Rt-ac56s
Rt-ac87u
Rt-ac56s firmware
Rt-ac87u firmware
Rt-n10+d1 firmware
Rt-g32 firmware
Tm-1900
Wl-330nul firmware
Wl-33nul firmware
Tm-ac1900 firmware
Rt-ac53 firmware
Rt-ac1750 firmware
Dsl-n10s firmware
Asuswrt
Dsl-ac51 firmware
Dsl-ac52u firmware
Dsl-ac55u firmware
Dsl-ac56u firmware
Dsl-ac750 firmware
Dsl-n10 c1 firmware
Dsl-n12e c1 firmware
Dsl-n12u c1 firmware
Dsl-n14u-b1 firmware
Dsl-n14u firmware
Dsl-n16 firmware
Dsl-n16u firmware
Dsl-n17u firmware
Dsl-n55u c1 firmware
Dsl-n55u d1 firmware
Dsl-n66u firmware
Rt-ac1200 firmware
Rt-ac2900 firmware
Rt-ac51u firmware
Rt-ac52u b1 firmware
Rt-ac55u firmware
Rt-ac55uhp firmware
Rt-ac58u firmware
Rt-ac86u firmware
Rt-acrh13 firmware
Rt-n12 d1 firmware
Rt-n600 firmware
Ea-n66 firmware
Rp-ac52 firmware
Rp-ac56 firmware
Rp-n12 firmware
Rp-n14 firmware
Rp-n53 firmware
Wmp-n12 firmware
Hg100 firmware
Gt-ac5300 firmware
Zenfone 3 max firmware
Aura sync firmware
Zenfone v live firmware
Rt-ac3200 firmware
Smarthome
Precision touchpad
Asuswrt-merlin


Copyright 2019, cxsecurity.com

 

Back to Top