Asuswrt
by Asus
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6000 | | | 0.10 | — | 0.90 | | Jan 22, 2018 | An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable… |
| CVE-2018-5999 | | | 0.10 | — | 0.91 | | Jan 22, 2018 | An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails. |
| CVE-2022-26376 | | | 0.00 | — | 0.01 | | Aug 5, 2022 | A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this… |
| CVE-2018-20335 | | | 0.00 | — | 0.02 | | Mar 20, 2020 | An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI. |
| CVE-2018-20334 | | | 0.00 | — | 0.04 | | Mar 20, 2020 | An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell. |
| CVE-2018-20336 | | | 0.00 | — | 0.00 | | Sep 17, 2019 | An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak. |
| CVE-2017-15654 | | | 0.00 | — | 0.01 | | Jan 31, 2018 | Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access. |
| CVE-2017-15653 | | | 0.00 | — | 0.00 | | Jan 31, 2018 | Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string. |
| CVE-2017-15655 | | | 0.00 | — | 0.01 | | Jan 31, 2018 | Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are… |
| CVE-2017-15656 | | | 0.00 | — | 0.00 | | Jan 31, 2018 | Passwords are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. |