- EPSS 0.52%
- Veröffentlicht 05.07.2022 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:29:39
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stor...
CVE-2018-14711
- EPSS 0.14%
- Veröffentlicht 13.05.2019 13:29:01
- Zuletzt bearbeitet 21.11.2024 03:49:38
Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs.
CVE-2018-14712
- EPSS 0.41%
- Veröffentlicht 13.05.2019 13:29:01
- Zuletzt bearbeitet 21.11.2024 03:49:38
Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.
CVE-2018-14713
- EPSS 0.85%
- Veröffentlicht 13.05.2019 13:29:01
- Zuletzt bearbeitet 21.11.2024 03:49:38
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter.
- EPSS 79.72%
- Veröffentlicht 13.05.2019 13:29:01
- Zuletzt bearbeitet 21.11.2024 03:49:39
System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.
CVE-2018-14710
- EPSS 0.28%
- Veröffentlicht 13.05.2019 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:38
Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the "hook" URL parameter.
- EPSS 2.81%
- Veröffentlicht 04.04.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:17
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382....