Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for rt-n16 by asus

    VAR-201707-0387

    Vulnerability from variot - Updated: 2025-04-20 23:36

    Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response. ASUSRT-AC5300 and others are wireless routers from ASUS. A networkmap is one of the network diagram components. A buffer overflow vulnerability exists in networkmaps in several ASUS products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201707-0387",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-ac68u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n12\\+",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.378.7177"
          },
          {
            "model": "rt-ac66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac5300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n18u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt ac1200g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3167"
          },
          {
            "model": "rt ac1900p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n12hp",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.2943"
          },
          {
            "model": "rt ac1200gu",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.5577"
          },
          {
            "model": "rt-n12hp b1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3479"
          },
          {
            "model": "rt-ac51u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n16",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac3100",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac1200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac52u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.4180"
          },
          {
            "model": "rt-ac68p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac53",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9883"
          },
          {
            "model": "rt-n12d1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac88u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac3200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt n12\\+ pro",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac58u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7485"
          },
          {
            "model": "rt-ac55u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac66u b1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt ac1200g",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt ac1200gu",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt n12+ pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac53",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1200gu",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1200g",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac53",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt n12+ pro",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3479"
          },
          {
            "model": "rt-n12d1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n12\\+",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n12hp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.2943"
          },
          {
            "model": "rt-ac53",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9883"
          },
          {
            "model": "rt n12\\+ pro",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac1200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac3200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n300",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1200g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1200gu_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1900p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_n12%2B_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac1200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac3100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac3200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac51u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac52u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac53_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac5300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac55u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac58u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac66u_b1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac66u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac68p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac68u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac88u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12%2B_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12d1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12hp_b1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12hp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n16_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n18u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n66u_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          }
        ]
      },
      "cve": "CVE-2017-11344",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-11344",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-35393",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-101757",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-11344",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-11344",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-11344",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-35393",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201707-768",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-101757",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response. ASUSRT-AC5300 and others are wireless routers from ASUS. A networkmap is one of the network diagram components. A buffer overflow vulnerability exists in networkmaps in several ASUS products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2017/07/14/3",
            "trust": 3.1
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393",
            "trust": 0.6
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-97015",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "id": "VAR-201707-0387",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          }
        ],
        "trust": 1.342782942
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:36:49.576000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://asuswrt.lostrealm.ca/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
          },
          {
            "trust": 1.1,
            "url": "https://asuswrt.lostrealm.ca/changelog"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11344"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-11344"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "date": "2017-07-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "date": "2017-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "date": "2017-07-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "date": "2017-07-17T13:18:20.923000",
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-35393"
          },
          {
            "date": "2017-12-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101757"
          },
          {
            "date": "2017-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          },
          {
            "date": "2017-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-11344"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  ASUS For devices  Asuswrt-Merlin Firmware and  ASUS Firmware network map global buffer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005983"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-768"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201707-0400

    Vulnerability from variot - Updated: 2025-04-20 23:36

    Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response. ASUSRT-AC5300 and others are wireless routers from ASUS. A networkmap is one of the network diagram components. A buffer overflow vulnerability exists in networkmaps in several ASUS products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201707-0400",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-ac68u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n12\\+",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.378.7177"
          },
          {
            "model": "rt-ac66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac5300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n18u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt ac1200g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3167"
          },
          {
            "model": "rt ac1900p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n12hp",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.2943"
          },
          {
            "model": "rt ac1200gu",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.5577"
          },
          {
            "model": "rt-n12hp b1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3479"
          },
          {
            "model": "rt-ac51u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n16",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac3100",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac1200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac52u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.4180"
          },
          {
            "model": "rt-ac68p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac53",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9883"
          },
          {
            "model": "rt-n12d1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac88u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac3200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt n12\\+ pro",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac58u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7485"
          },
          {
            "model": "rt-ac55u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac66u b1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt ac1200g",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt ac1200gu",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt n12+ pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac53",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asus",
            "version": "1.0.1.4"
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1200gu",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1200g",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac53",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt n12+ pro",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3479"
          },
          {
            "model": "rt-n12d1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n12\\+",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n12hp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.2943"
          },
          {
            "model": "rt-ac53",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9883"
          },
          {
            "model": "rt ac1200gu",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.5577"
          },
          {
            "model": "rt n12\\+ pro",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac1200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n300",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1200g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1200gu_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1900p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_n12%2B_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac1200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac3100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac3200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac51u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac52u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac53_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac5300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac55u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac58u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac66u_b1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac66u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac68p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac68u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac88u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12%2B_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12d1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12hp_b1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12hp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n16_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n18u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n66u_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          }
        ]
      },
      "cve": "CVE-2017-11345",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-11345",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-35394",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-101758",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-11345",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-11345",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-11345",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-35394",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201707-767",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-101758",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response. ASUSRT-AC5300 and others are wireless routers from ASUS. A networkmap is one of the network diagram components. A buffer overflow vulnerability exists in networkmaps in several ASUS products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-11345",
            "trust": 3.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2017/07/14/3",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394",
            "trust": 0.6
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-97016",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "id": "VAR-201707-0400",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          }
        ],
        "trust": 1.342782942
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:36:49.545000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://asuswrt.lostrealm.ca/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
          },
          {
            "trust": 1.1,
            "url": "https://asuswrt.lostrealm.ca/changelog"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11345"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-11345"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "date": "2017-07-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "date": "2017-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "date": "2017-07-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "date": "2017-07-17T13:18:20.953000",
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-35394"
          },
          {
            "date": "2017-12-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101758"
          },
          {
            "date": "2017-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          },
          {
            "date": "2017-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-11345"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  ASUS For devices  Asuswrt-Merlin Firmware and  ASUS Firmware network map stack buffer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005984"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-767"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201707-0535

    Vulnerability from variot - Updated: 2025-04-20 23:27

    Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list. ASUSRT-AC5300 is the RT series router product of ASUS. Asuswrt-Merlin is the firmware running in it. The following products are affected: ASUS RT-AC5300; RT_AC1900P; RT-AC68U; RT-AC68P; RT-AC88U; AC51U; RT-N18U; RT-N66U; RT-N56U; RT-AC3200; RT-AC3100; RT_AC1200GU; RT_AC1200G; RT_N12+_PRO; RT-N16; RT-N300

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201707-0535",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-ac68u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n12\\+",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.378.7177"
          },
          {
            "model": "rt-ac66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac5300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n18u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt ac1200g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3167"
          },
          {
            "model": "rt ac1900p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n12hp",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.2943"
          },
          {
            "model": "rt ac1200gu",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.5577"
          },
          {
            "model": "rt-n12hp b1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3479"
          },
          {
            "model": "rt-ac51u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n16",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac3100",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac1200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac52u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.4180"
          },
          {
            "model": "rt-ac68p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac53",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9883"
          },
          {
            "model": "rt-n12d1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac88u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-ac3200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt n12\\+ pro",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac58u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7485"
          },
          {
            "model": "rt-ac55u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-ac66u b1",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7743"
          },
          {
            "model": "rt-n300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt ac1200g",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt ac1200gu",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt n12+ pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac53",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1200gu",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1200g",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac53",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt n12+ pro",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3479"
          },
          {
            "model": "rt ac1200g",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.3167"
          },
          {
            "model": "rt-n12d1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n12\\+",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n12hp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.2943"
          },
          {
            "model": "rt-ac53",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9883"
          },
          {
            "model": "rt n12\\+ pro",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-ac1200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.9880"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          },
          {
            "model": "rt-n300",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt merlin",
            "version": "3.0.0.4.380.7378"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1200g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1200gu_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_ac1900p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt_n12%2B_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac1200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac3100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac3200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac51u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac52u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac53_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac5300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac55u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac58u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac66u_b1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac66u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac68p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac68u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-ac88u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12%2B_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12d1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12hp_b1_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n12hp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n16_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n18u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:rt-n66u_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          }
        ]
      },
      "cve": "CVE-2017-11420",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-11420",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-24400",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-101841",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-11420",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-11420",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-11420",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-24400",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201707-754",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-101841",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list. ASUSRT-AC5300 is the RT series router product of ASUS. Asuswrt-Merlin is the firmware running in it. The following products are affected: ASUS RT-AC5300; RT_AC1900P; RT-AC68U; RT-AC68P; RT-AC88U; AC51U; RT-N18U; RT-N66U; RT-N56U; RT-AC3200; RT-AC3100; RT_AC1200GU; RT_AC1200G; RT_N12+_PRO; RT-N16; RT-N300",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2017/07/13/1",
            "trust": 3.1
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "id": "VAR-201707-0535",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          }
        ],
        "trust": 1.342782942
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:27:22.844000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://asuswrt.lostrealm.ca/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
          },
          {
            "trust": 1.1,
            "url": "https://asuswrt.lostrealm.ca/changelog"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11420"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-11420"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-09-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "date": "2017-07-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "date": "2017-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "date": "2017-07-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "date": "2017-07-18T05:29:00.470000",
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-09-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-24400"
          },
          {
            "date": "2017-12-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101841"
          },
          {
            "date": "2017-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          },
          {
            "date": "2017-07-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-11420"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  ASUS For devices  Asuswrt-Merlin Firmware and  ASUS Firmware network map  ASUS_Discovery.c Vulnerable to stack-based buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005985"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-754"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201708-1179

    Vulnerability from variot - Updated: 2025-04-20 23:23

    Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by sending a crafted http GET request packet that includes a long delete_offline_client parameter in the url. plural ASUS For devices Asuswrt-Merlin Firmware and ASUS The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSRT-AC5300 and others are wireless routers from ASUS. ASUSAsuswrt-Merlin is the firmware running in it. Httpd is one of the embedded http servers. A stack buffer overflow vulnerability exists in Asuswrt-Merlin380.67_0RT-AC5300 and previous versions of httpd in several ASUS products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201708-1179",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 1.2,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "asuswrt-merlin",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asuswrt merlin",
            "version": "380.67"
          },
          {
            "model": "asuswrt-merlin",
            "scope": null,
            "trust": 0.8,
            "vendor": "asuswrt merlin",
            "version": null
          },
          {
            "model": "rt-ac5300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt ac1900p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac52u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac51u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n18u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac3100",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac1200",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12hp b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12d1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n12+",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "asuswrt-merlin \u003c=380.67 0rt-ac5300",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac55u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac56u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac58u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u b1",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac88u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68p",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "asuswrt-merlin",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asuswrt",
            "version": "380.67_0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:asuswrt-merlin_project:asuswrt-merlin",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          }
        ]
      },
      "cve": "CVE-2017-12754",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2017-12754",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2017-32450",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-12754",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-12754",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-12754",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-12754",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-32450",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-443",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by sending a crafted http GET request packet that includes a long delete_offline_client parameter in the url. plural ASUS For devices Asuswrt-Merlin Firmware and ASUS The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSRT-AC5300 and others are wireless routers from ASUS. ASUSAsuswrt-Merlin is the firmware running in it. Httpd is one of the embedded http servers. A stack buffer overflow vulnerability exists in Asuswrt-Merlin380.67_0RT-AC5300 and previous versions of httpd in several ASUS products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-12754",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "id": "VAR-201708-1179",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          }
        ],
        "trust": 1.2386813426923076
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:23:37.803000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://asuswrt.lostrealm.ca/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.0,
            "url": "https://github.com/coincoin7/wireless-router-vulnerability/blob/master/asus_deleteofflineclientoverflow.txt"
          },
          {
            "trust": 1.6,
            "url": "https://asuswrt.lostrealm.ca/changelog"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12754"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12754"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "date": "2017-09-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "date": "2017-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "date": "2017-08-09T15:29:00.183000",
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32450"
          },
          {
            "date": "2017-09-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          },
          {
            "date": "2020-05-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-12754"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  ASUS For devices  Asuswrt-Merlin Firmware and  ASUS Firmware buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007274"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-443"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201411-0483

    Vulnerability from variot - Updated: 2025-04-13 23:27

    ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. Supplementary information : CWE Vulnerability type by CWE-345: Insufficient Verification of Data Authenticity ( Inadequate verification of data reliability ) Has been identified. ASUS RT-Series Wireless Routers is a wireless router device. There is a middleman security bypass vulnerability in ASUS RT Series Wireless Routers. An attacker can exploit a vulnerability to bypass certain restrictions and obtain sensitive information. The following products are affected: ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. In short, the router downloads via clear-text a file from http://dlcdnet.asus.com, parses it to determine the latest firmware version, then downloads (again in the clear) a binary file matching that version number from the same web site. No HTTP = no assurance that the site on the other end is the legitimate ASUS web site, and no assurance that the firmware file and version lookup table have not been modified in transit.

    In the link below I describe the issue in detail, and demonstrate a proof of concept through which I successfully caused an RT-AC66R to "upgrade" to an older firmware with known vulnerabilities. In concept it should also be possible to deliver a fully custom malicious firmware in the same manner.

    This applies to the RT-AC68U, RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. It may also apply to the RT-N53, RT-N14U, RT-N16, and RT-N16R since they use the same firmware base but a different sub-version.

    This has been fixed as an undocumented feature of the 376 firmware branch (3.0.0.4.376.x).

    Details and POC: http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html

    -- Regards, David Longenecker @dnlongen

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0483",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tm-ac1900",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "t mobile",
            "version": "3.0.0.4.376_3169"
          },
          {
            "model": "rt series",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374.x"
          },
          {
            "model": "rt",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.376.x"
          },
          {
            "model": "rt-series wireless routers",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n66r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n56r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n16r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac66r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac56u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac56r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "BID",
            "id": "70791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:asus:rt_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "David Longenecker",
        "sources": [
          {
            "db": "BID",
            "id": "70791"
          },
          {
            "db": "PACKETSTORM",
            "id": "128904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2014-2718",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2014-2718",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-07699",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-70657",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-2718",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-2718",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-07699",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201410-1415",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-70657",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. Supplementary information : CWE Vulnerability type by CWE-345: Insufficient Verification of Data Authenticity ( Inadequate verification of data reliability ) Has been identified. ASUS RT-Series Wireless Routers is a wireless router device. There is a middleman security bypass vulnerability in ASUS RT Series Wireless Routers. An attacker can exploit a vulnerability to bypass certain restrictions and obtain sensitive information. The following products are affected: ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. In short, the router downloads via clear-text a\nfile from http://dlcdnet.asus.com, parses it to determine the latest\nfirmware version, then downloads (again in the clear) a binary file\nmatching that version number from the same web site. No HTTP = no assurance\nthat the site on the other end is the legitimate ASUS web site, and no\nassurance that the firmware file and version lookup table have not been\nmodified in transit. \n\nIn the link below I describe the issue in detail, and demonstrate a proof\nof concept through which I successfully caused an RT-AC66R to \"upgrade\" to\nan older firmware with known vulnerabilities. In concept it should also be\npossible to deliver a fully custom malicious firmware in the same manner. \n\nThis applies to the RT-AC68U, RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R,\nRT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. It may also apply to the\nRT-N53, RT-N14U, RT-N16, and RT-N16R since they use the same firmware base\nbut a different sub-version. \n\nThis has been fixed as an undocumented feature of the 376 firmware branch\n(3.0.0.4.376.x). \n\nDetails and POC:\nhttp://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html\n\n-- \nRegards,\nDavid Longenecker\n@dnlongen\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "BID",
            "id": "70791"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "db": "PACKETSTORM",
            "id": "128904"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-70657",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-2718",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "70791",
            "trust": 2.6
          },
          {
            "db": "PACKETSTORM",
            "id": "128904",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "98316",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "db": "BID",
            "id": "70791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "PACKETSTORM",
            "id": "128904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "id": "VAR-201411-0483",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          }
        ],
        "trust": 1.3441403886666665
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:27:35.303000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.asus.com/jp/"
          },
          {
            "title": "Cellspot router firmware update information",
            "trust": 0.8,
            "url": "https://support.t-mobile.com/docs/DOC-21994"
          },
          {
            "title": "ASUS RT Series Wireless Routers patch for middleman security bypass vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/51508"
          },
          {
            "title": "FW_RT_AC68U_30043763715",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54536"
          },
          {
            "title": "FW_RT_AC68U_30043763626",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54537"
          },
          {
            "title": "FW_RT_AC68U_30043761663",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54538"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-345",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://seclists.org/fulldisclosure/2014/oct/122"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/70791"
          },
          {
            "trust": 2.1,
            "url": "http://dnlongen.blogspot.com/2014/10/cve-2014-2718-asus-rt-mitm.html"
          },
          {
            "trust": 1.7,
            "url": "http://packetstormsecurity.com/files/128904/asus-router-man-in-the-middle.html"
          },
          {
            "trust": 1.1,
            "url": "https://support.t-mobile.com/docs/doc-21994"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2718"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2718"
          },
          {
            "trust": 0.8,
            "url": "http://dnlongen.blogspot.jp/2014/10/cve-2014-2718-asus-rt-mitm.html"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/98316"
          },
          {
            "trust": 0.3,
            "url": "http://www.asus.com/"
          },
          {
            "trust": 0.1,
            "url": "http://dlcdnet.asus.com,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-2718"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "db": "BID",
            "id": "70791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "PACKETSTORM",
            "id": "128904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "db": "BID",
            "id": "70791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "db": "PACKETSTORM",
            "id": "128904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "date": "2014-11-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "date": "2014-10-28T00:00:00",
            "db": "BID",
            "id": "70791"
          },
          {
            "date": "2014-11-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "date": "2014-10-29T12:11:11",
            "db": "PACKETSTORM",
            "id": "128904"
          },
          {
            "date": "2014-10-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "date": "2014-11-04T22:55:06.417000",
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-07699"
          },
          {
            "date": "2017-08-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-70657"
          },
          {
            "date": "2014-10-28T00:00:00",
            "db": "BID",
            "id": "70791"
          },
          {
            "date": "2016-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          },
          {
            "date": "2014-11-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-2718"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1415"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS RT Series router firmware arbitrary code execution vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005239"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Design Error",
        "sources": [
          {
            "db": "BID",
            "id": "70791"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-201404-0636

    Vulnerability from variot - Updated: 2025-04-13 23:05

    Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code. ASUS RT-Series Wireless Routers is a wireless router device. ASUS RT-Series Wireless Routers 'Advanced_System_Content.asp' has an information disclosure vulnerability that allows an attacker to exploit a vulnerability to obtain sensitive information. ASUS RT-Series running firmware versions prior to 3.0.0.4.374.5517 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0636",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.318"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.220"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.374_4887"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "1.0.1.8n"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.374.4755"
          },
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.370"
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.356"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.25"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.260"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.9"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.260"
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.322"
          },
          {
            "model": "tm-ac1900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "t mobile",
            "version": "3.0.0.4.376_3169"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.260"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_4561"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.20"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.270"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.140"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.162"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "7.0.2.38b"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.334"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.108"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.178"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.342"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.134"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "7.0.1.21"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.7c"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "7.0.1.32"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.24"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.334"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.246"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.2.3"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.10"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.176"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.19"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.7"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.360"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.342"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.346"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.4o"
          },
          {
            "model": "rt-n10e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "2.0.0.16"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.246"
          },
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.272"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.220"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.8j"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.354"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.7f"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "8.1.1.4"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.8l"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.4"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.354"
          },
          {
            "model": "rt-ac66u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-ac68u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-ac68u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-n10e",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-n14u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-n16",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-n56u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-n65u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-n66u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.0.4.374.5517"
          },
          {
            "model": "rt-series wireless routers",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "asus",
            "version": "\u003c=3.0.0.4.374.5517"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-ac66u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-ac68u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-ac68u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n10e_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n14u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n16_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n65u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n66u_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "David Longenecker",
        "sources": [
          {
            "db": "BID",
            "id": "66954"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-2719",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2014-2719",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-02538",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.8,
                "id": "VHN-70658",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-2719",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-2719",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-02538",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201404-434",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-70658",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code. ASUS RT-Series Wireless Routers is a wireless router device. ASUS RT-Series Wireless Routers \u0027Advanced_System_Content.asp\u0027 has an information disclosure vulnerability that allows an attacker to exploit a vulnerability to obtain sensitive information. \nASUS RT-Series running firmware versions prior to 3.0.0.4.374.5517 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "BID",
            "id": "66954"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          }
        ],
        "trust": 2.52
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-70658",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-2719",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "66954",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538",
            "trust": 0.6
          },
          {
            "db": "FULLDISC",
            "id": "20140416 ASUS RT-XXXX SOHO ROUTERS EXPOSE ADMIN PASSWORD, FIXED IN 3.0.0.4.374.5517",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "126213",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "db": "BID",
            "id": "66954"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "id": "VAR-201404-0636",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          }
        ],
        "trust": 1.3092795819999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:05:08.813000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "RT-N66U",
            "trust": 0.8,
            "url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29"
          },
          {
            "title": "Cellspot router firmware update information",
            "trust": 0.8,
            "url": "https://support.t-mobile.com/docs/DOC-21994"
          },
          {
            "title": "ASUS RT-Series Wireless Routers \u0027Advanced_System_Content.asp\u0027 Patch for Information Disclosure Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/45075"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "http://seclists.org/fulldisclosure/2014/apr/225"
          },
          {
            "trust": 1.7,
            "url": "http://support.asus.com/download.aspx?m=rt-n66u+%28ver.b1%29"
          },
          {
            "trust": 1.7,
            "url": "http://dnlongen.blogspot.com/2014/04/cve-2014-2719-asus-rt-password-disclosure.html"
          },
          {
            "trust": 1.1,
            "url": "https://support.t-mobile.com/docs/doc-21994"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2719"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2719"
          },
          {
            "trust": 0.8,
            "url": "http://dnlongen.blogspot.jp/2014/04/cve-2014-2719-asus-rt-password-disclosure.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.asus.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "db": "BID",
            "id": "66954"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "db": "BID",
            "id": "66954"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-04-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "date": "2014-04-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "date": "2014-04-14T00:00:00",
            "db": "BID",
            "id": "66954"
          },
          {
            "date": "2014-04-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "date": "2014-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "date": "2014-04-22T13:06:29.493000",
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-04-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "date": "2016-06-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-70658"
          },
          {
            "date": "2014-04-14T00:00:00",
            "db": "BID",
            "id": "66954"
          },
          {
            "date": "2016-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-002210"
          },
          {
            "date": "2014-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-2719"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS RT-Series Wireless Routers \u0027Advanced_System_Content.asp\u0027 Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-02538"
          },
          {
            "db": "BID",
            "id": "66954"
          }
        ],
        "trust": 0.9
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-434"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201307-0434

    Vulnerability from variot - Updated: 2025-04-11 22:55

    Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors. ASUS RT-N66U is a wireless router product from ASUS Taiwan. A directory traversal vulnerability exists in ASUS RT-N66U version 3.0.0.4.270 and 3.0.0.4.354. Remote vulnerabilities can be used by remote attackers to obtain sensitive information, and the acquisition of this information can help launch further attacks. Other attacks may also be possible. The following versions are affected: ASUS RT-AC66U with firmware 3.0.0.4.354 and earlier, RT-N66U 3.0.0.4.370 and earlier, RT-N65U 3.0.0.4.346 and earlier, RT-N14U 3.0.0.4.356 and earlier, RT-N16 3.0.0.4.354 and earlier, RT-N56U 3.0.0.4.360 and earlier and 3.0.0.4.364 and earlier, DSL -N55U

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201307-0434",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.260"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.220"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "7.0.2.38b"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "1.0.1.9"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.3.108"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.3.178"
          },
          {
            "model": "dsl-n56u",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "1.0.0.9"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.3.162"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "asus",
            "version": "3.0.0.4.246"
          },
          {
            "model": "rt-n14u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.356"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.260"
          },
          {
            "model": "rt-n66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.370"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.342"
          },
          {
            "model": "dsl-n55u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.7c"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.8l"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.334"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "8.1.1.4"
          },
          {
            "model": "rt-n56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.360"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.140"
          },
          {
            "model": "rt-ac66u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.354"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.318"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "dsl-n56u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.364"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.342"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.260"
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.4o"
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.322"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "7.0.1.21"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "7.0.1.32"
          },
          {
            "model": "rt-n16",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.354"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.134"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.270"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.3.176"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.246"
          },
          {
            "model": "rt-n65u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.346"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.8j"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.7f"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.8n"
          },
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.272"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.220"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.1.4"
          },
          {
            "model": "dsl-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.188"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "1.0.2.3"
          },
          {
            "model": "dsl-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.314"
          },
          {
            "model": "rt-n65u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.334"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "dsl-n55u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "dsl-n56u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-n14u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n14u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-n65u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n65u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": "3.0.4.372"
          },
          {
            "model": "rt-n66u",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "asus",
            "version": "3.0.0.4.356"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:asus:dsl-n55u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:dsl-n56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-ac66u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-ac66u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-n14u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n14u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-n16",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n16_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-n56u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n56u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-n65u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n65u_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:asus:rt-n66u",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:asus:rt-n66u_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kyle Lovett",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2013-4937",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-4937",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2013-08385",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-64939",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-4937",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-4937",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-08385",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201307-570",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-64939",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors. ASUS RT-N66U is a wireless router product from ASUS Taiwan. \nA directory traversal vulnerability exists in ASUS RT-N66U version 3.0.0.4.270 and 3.0.0.4.354. Remote vulnerabilities can be used by remote attackers to obtain sensitive information, and the acquisition of this information can help launch further attacks.         Other attacks may also be possible. The following versions are affected: ASUS RT-AC66U with firmware 3.0.0.4.354 and earlier, RT-N66U 3.0.0.4.370 and earlier, RT-N65U 3.0.0.4.346 and earlier, RT-N14U 3.0.0.4.356 and earlier, RT-N16 3.0.0.4.354 and earlier, RT-N56U 3.0.0.4.360 and earlier and 3.0.0.4.364 and earlier, DSL -N55U",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "db": "BID",
            "id": "60780"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-4937",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "60780",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939"
          },
          {
            "db": "BID",
            "id": "60780"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "id": "VAR-201307-0434",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939"
          }
        ],
        "trust": 1.291374855714286
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:55:57.018000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Firmware update 3.0.4.372 for ASUS routers with AiCloud fixes found vulnerabilities",
            "trust": 0.8,
            "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
          },
          {
            "title": "Networking",
            "trust": 0.8,
            "url": "http://www.asus.com/Networking/Wireless_Routers_Products/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://twitter.com/asususa/statuses/357612236392509440"
          },
          {
            "trust": 1.7,
            "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/60780"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4937"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4937"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "VULHUB",
            "id": "VHN-64939"
          },
          {
            "db": "BID",
            "id": "60780"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-06-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "date": "2013-07-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-64939"
          },
          {
            "date": "2013-06-24T00:00:00",
            "db": "BID",
            "id": "60780"
          },
          {
            "date": "2013-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "date": "2013-06-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "date": "2013-07-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "date": "2013-07-26T12:05:40.867000",
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-06-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "date": "2013-07-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-64939"
          },
          {
            "date": "2013-07-29T13:14:00",
            "db": "BID",
            "id": "60780"
          },
          {
            "date": "2013-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-003514"
          },
          {
            "date": "2013-07-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "date": "2013-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-4937"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-570"
          }
        ],
        "trust": 1.2
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS RT-N66U Directory Traversal Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-08385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201307-145"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-0883

    Vulnerability from variot - Updated: 2024-08-14 14:45

    ASUS RT-N56U devices allow CSRF. ASUS RT-N56U The device contains a cross-site request forgery vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0883",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_2050"
          },
          {
            "model": "rt-n15u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_16"
          },
          {
            "model": "dsl-n55u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_1397"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_979"
          },
          {
            "model": "rt-n53",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_311"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_979"
          },
          {
            "model": "rt-n10u",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": "3.0.0.4.374_168"
          },
          {
            "model": "dsl-n55u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-ac66u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n10u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n15u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n16",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n53",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "rt-n56u",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "cve": "CVE-2013-3093",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2013-3093",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2013-3093",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2013-3093",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-3093",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-3093",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-1276",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS RT-N56U devices allow CSRF. ASUS RT-N56U The device contains a cross-site request forgery vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-3093",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "id": "VAR-202001-0883",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5950836471428572
      },
      "last_update_date": "2024-08-14T14:45:05.083000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top\u00a0Page",
            "trust": 0.8,
            "url": "https://www.asus.com/us/"
          },
          {
            "title": "ASUS RT-N56U Fixes for cross-site request forgery vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107622"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site request forgery (CWE-352) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.securityfocus.com/archive/1/531194"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3093"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "date": "2020-01-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          },
          {
            "date": "2020-01-28T21:15:11.560000",
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          },
          {
            "date": "2020-01-31T16:06:35.230000",
            "db": "NVD",
            "id": "CVE-2013-3093"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS\u00a0RT-N56U\u00a0 Cross-site request forgery vulnerability in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-007119"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-1276"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201401-0754

    Vulnerability from variot - Updated: 2022-05-17 02:09

    Multiple ASUS RT routers are prone to an unspecified security bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions on the affected application. This may aid in further attacks. ASUS RT-AC68U, RT-AC56U, RT-AC66U, RT-N66U, RT-N16 are vulnerable.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0754",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac56u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kyle Lovett",
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ],
        "trust": 0.3
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple ASUS RT routers are prone to an unspecified security bypass vulnerability.\nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions on the affected application. This may aid in further attacks.\nASUS RT-AC68U, RT-AC56U, RT-AC66U, RT-N66U, RT-N16 are vulnerable.",
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ],
        "trust": 0.3
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "65558",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ]
      },
      "id": "VAR-201401-0754",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.539766506
      },
      "last_update_date": "2022-05-17T02:09:50.265000Z",
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 0.3,
            "url": "https://www.asus.com/networking/rtac68u/#support"
          },
          {
            "trust": 0.3,
            "url": "https://www.asus.com/"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "65558"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-06T00:00:00",
            "db": "BID",
            "id": "65558"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-06T00:00:00",
            "db": "BID",
            "id": "65558"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple ASUS RT Routers Remote Security Bypass Vulnerability",
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ],
        "trust": 0.3
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input Validation Error",
        "sources": [
          {
            "db": "BID",
            "id": "65558"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-201403-0712

    Vulnerability from variot - Updated: 2022-05-17 01:51

    ASUS (ASUS) is the largest hardware manufacturer in Taiwan. A variety of ASUS router products (firmware version 3.0.0.4.374.x) failed to properly restrict access to the file /smb.xml after enabling the AiCloud web service, and an attacker could exploit the vulnerability to leak sensitive information. Multiple ASUS Routers are prone to an authentication-bypass vulnerability. An attacker could leverage this issue to bypass the authentication mechanism and obtain sensitive information. The following products running firmware version 3.0.0.4.374.x are vulnerable: RT-AC68U Dual-band Wireless-AC1900 Gigabit Router RT-AC66R Dual-Band Wireless-AC1750 Gigabit Router RT-AC66U Dual-Band Wireless-AC1750 Gigabit Router RT-N66R Dual-Band Wireless-N900 Gigabit Router RT-N66U Dual-Band Wireless-N900 Gigabit Router RT-AC56U Dual-Band Wireless-AC1200 Gigabit Router RT-N56R Dual-Band Wireless-AC1200 Gigabit Router RT-N56U Dual-Band Wireless-AC1200 Gigabit Router RT-N14U Wireless-N300 Cloud Router RT-N14UHP Wireless-N300 Cloud Router RT-N16 Wireless-N300 Gigabit Router RT-N16R Wireless-N300 Gigabit Router

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0712",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rt-ac56u router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n14u router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n16 router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56r router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66r router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66r router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac68u router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n14uhp router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n16r router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n56u wireless router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-ac66u router",
            "scope": null,
            "trust": 0.6,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "rt-n66u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n66r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n56u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n56r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n16r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n14uhp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-n14u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac68u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac66u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac66r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          },
          {
            "model": "rt-ac56u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asus",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "db": "BID",
            "id": "65861"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "kyle Lovett",
        "sources": [
          {
            "db": "BID",
            "id": "65861"
          }
        ],
        "trust": 0.3
      },
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-01390",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "CNVD",
                "id": "CNVD-2014-01390",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ASUS (ASUS) is the largest hardware manufacturer in Taiwan. A variety of ASUS router products (firmware version 3.0.0.4.374.x) failed to properly restrict access to the file /smb.xml after enabling the AiCloud web service, and an attacker could exploit the vulnerability to leak sensitive information. Multiple ASUS Routers are prone to an authentication-bypass vulnerability. \nAn attacker could leverage this issue to  bypass the authentication mechanism and obtain sensitive information. \nThe following products running firmware version 3.0.0.4.374.x are vulnerable:\nRT-AC68U Dual-band Wireless-AC1900 Gigabit Router\nRT-AC66R Dual-Band Wireless-AC1750 Gigabit Router\nRT-AC66U Dual-Band Wireless-AC1750 Gigabit Router\nRT-N66R Dual-Band Wireless-N900 Gigabit Router\nRT-N66U Dual-Band Wireless-N900 Gigabit Router\nRT-AC56U Dual-Band Wireless-AC1200 Gigabit Router\nRT-N56R Dual-Band Wireless-AC1200 Gigabit Router\nRT-N56U Dual-Band Wireless-AC1200 Gigabit Router\nRT-N14U Wireless-N300 Cloud Router\nRT-N14UHP Wireless-N300 Cloud Router\nRT-N16 Wireless-N300 Gigabit Router\nRT-N16R Wireless-N300 Gigabit Router",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "db": "BID",
            "id": "65861"
          }
        ],
        "trust": 0.81
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "65861",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "56905",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "db": "BID",
            "id": "65861"
          }
        ]
      },
      "id": "VAR-201403-0712",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          }
        ],
        "trust": 1.411373705909091
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          }
        ]
      },
      "last_update_date": "2022-05-17T01:51:10.409000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for multiple ASUS routers \u0027smb.xml\u0027 authentication bypass vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/43991"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/56905/"
          },
          {
            "trust": 0.3,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-02/0032.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.asus.com"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "db": "BID",
            "id": "65861"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "db": "BID",
            "id": "65861"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-03-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "date": "2014-02-08T00:00:00",
            "db": "BID",
            "id": "65861"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-03-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          },
          {
            "date": "2014-02-08T00:00:00",
            "db": "BID",
            "id": "65861"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "65861"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple ASUS Router \u0027smb.xml\u0027 Authentication Bypass Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01390"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unknown",
        "sources": [
          {
            "db": "BID",
            "id": "65861"
          }
        ],
        "trust": 0.3
      }
    }

    CVE-2013-4937 (GCVE-0-2013-4937)

    Vulnerability from nvd – Published: 2013-07-26 10:00 – Updated: 2024-09-17 02:46
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:40.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4937",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://reviews.cnet.com/8301-3132_7-57594003-98",
                  "refsource": "MISC",
                  "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
                },
                {
                  "name": "http://twitter.com/ASUSUSA/statuses/357612236392509440",
                  "refsource": "CONFIRM",
                  "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4937",
        "datePublished": "2013-07-26T10:00:00.000Z",
        "dateReserved": "2013-07-26T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:46:42.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4937 (GCVE-0-2013-4937)

    Vulnerability from cvelistv5 – Published: 2013-07-26 10:00 – Updated: 2024-09-17 02:46
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:40.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4937",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://reviews.cnet.com/8301-3132_7-57594003-98",
                  "refsource": "MISC",
                  "url": "http://reviews.cnet.com/8301-3132_7-57594003-98"
                },
                {
                  "name": "http://twitter.com/ASUSUSA/statuses/357612236392509440",
                  "refsource": "CONFIRM",
                  "url": "http://twitter.com/ASUSUSA/statuses/357612236392509440"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4937",
        "datePublished": "2013-07-26T10:00:00.000Z",
        "dateReserved": "2013-07-26T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:46:42.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }