Search criteria
10 vulnerabilities found for rt-ac88u_firmware by asus
CVE-2021-43702 (GCVE-0-2021-43702)
Vulnerability from nvd – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
VLAI?
Summary
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-05T11:50:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-43702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
"refsource": "MISC",
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
"refsource": "MISC",
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43702",
"datePublished": "2022-07-05T11:50:03",
"dateReserved": "2021-11-15T00:00:00",
"dateUpdated": "2024-08-04T04:03:08.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3128 (GCVE-0-2021-3128)
Vulnerability from nvd – Published: 2021-04-12 17:41 – Updated: 2024-08-03 16:45
VLAI?
Summary
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-12T17:41:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3128",
"datePublished": "2021-04-12T17:41:07",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29656 (GCVE-0-2020-29656)
Vulnerability from nvd – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
VLAI?
Summary
An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language makes it possible to reach "unknown functionality" in a "known to be easy" manner via an unspecified "public exploit."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.165677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:00:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.165677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.165677",
"refsource": "MISC",
"url": "https://vuldb.com/?id.165677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29656",
"datePublished": "2020-12-09T08:00:42",
"dateReserved": "2020-12-09T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29655 (GCVE-0-2020-29655)
Vulnerability from nvd – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
VLAI?
Summary
An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1&productname=FOOBAR&url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.165678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:00:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.165678"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.165678",
"refsource": "MISC",
"url": "https://vuldb.com/?id.165678"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29655",
"datePublished": "2020-12-09T08:00:58",
"dateReserved": "2020-12-09T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9285 (GCVE-0-2018-9285)
Vulnerability from nvd – Published: 2018-04-04 19:00 – Updated: 2024-08-05 07:17
VLAI?
Summary
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:52.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-13T17:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html",
"refsource": "MISC",
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"name": "https://fortiguard.com/zeroday/FG-VD-17-216",
"refsource": "MISC",
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"name": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9285",
"datePublished": "2018-04-04T19:00:00",
"dateReserved": "2018-04-04T00:00:00",
"dateUpdated": "2024-08-05T07:17:52.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43702 (GCVE-0-2021-43702)
Vulnerability from cvelistv5 – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
VLAI?
Summary
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-05T11:50:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-43702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
"refsource": "MISC",
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
"refsource": "MISC",
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43702",
"datePublished": "2022-07-05T11:50:03",
"dateReserved": "2021-11-15T00:00:00",
"dateUpdated": "2024-08-04T04:03:08.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3128 (GCVE-0-2021-3128)
Vulnerability from cvelistv5 – Published: 2021-04-12 17:41 – Updated: 2024-08-03 16:45
VLAI?
Summary
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-12T17:41:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/",
"refsource": "MISC",
"url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
},
{
"name": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/",
"refsource": "MISC",
"url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3128",
"datePublished": "2021-04-12T17:41:07",
"dateReserved": "2021-01-12T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29655 (GCVE-0-2020-29655)
Vulnerability from cvelistv5 – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
VLAI?
Summary
An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1&productname=FOOBAR&url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.165678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:00:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.165678"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.165678",
"refsource": "MISC",
"url": "https://vuldb.com/?id.165678"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29655",
"datePublished": "2020-12-09T08:00:58",
"dateReserved": "2020-12-09T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29656 (GCVE-0-2020-29656)
Vulnerability from cvelistv5 – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
VLAI?
Summary
An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language makes it possible to reach "unknown functionality" in a "known to be easy" manner via an unspecified "public exploit."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.165677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:00:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.165677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.165677",
"refsource": "MISC",
"url": "https://vuldb.com/?id.165677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29656",
"datePublished": "2020-12-09T08:00:42",
"dateReserved": "2020-12-09T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9285 (GCVE-0-2018-9285)
Vulnerability from cvelistv5 – Published: 2018-04-04 19:00 – Updated: 2024-08-05 07:17
VLAI?
Summary
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:52.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-13T17:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html",
"refsource": "MISC",
"url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
},
{
"name": "https://fortiguard.com/zeroday/FG-VD-17-216",
"refsource": "MISC",
"url": "https://fortiguard.com/zeroday/FG-VD-17-216"
},
{
"name": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9285",
"datePublished": "2018-04-04T19:00:00",
"dateReserved": "2018-04-04T00:00:00",
"dateUpdated": "2024-08-05T07:17:52.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}