VYPR

RT-AC3200

by Asus

CVEs (6)

  • CVE-2018-9285CriApr 4, 2018
    risk 0.64cvss 9.8epss 0.04

    Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices…

  • CVE-2018-14714May 13, 2019
    risk 0.06cvss epss 0.27

    System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.

  • CVE-2018-14713May 13, 2019
    risk 0.00cvss epss 0.04

    Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter.

  • CVE-2018-14712May 13, 2019
    risk 0.00cvss epss 0.04

    Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.

  • CVE-2018-14711May 13, 2019
    risk 0.00cvss epss 0.01

    Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs.

  • CVE-2018-14710May 13, 2019
    risk 0.00cvss epss 0.05

    Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the "hook" URL parameter.