VYPR

GT-AC5300

by Asus

CVEs (5)

  • CVE-2018-17023HigSep 13, 2018
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.

  • CVE-2018-17127HigSep 17, 2018
    risk 0.49cvss 7.5epss 0.01

    blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.

  • CVE-2018-17020HigSep 13, 2018
    risk 0.49cvss 7.5epss 0.02

    ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow remote attackers to cause a denial of service via a single "GET / HTTP/1.1\r\n" line.

  • CVE-2018-17022HigSep 13, 2018
    risk 0.47cvss 7.2epss 0.02

    Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an…

  • CVE-2018-17021MedSep 13, 2018
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability on ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allows remote attackers to inject arbitrary web script or HTML via the appGet.cgi hook parameter.