CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15653 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15653
Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string. La validación indebida de la IP del administrador tras iniciar sesión en el servidor HTTPd en todas las versiones actuales (iguales o inferiores a 3.0.0.4.380.7743) de Asus asuswrt permite que un usuario no autorizado ejecute cualquier acción conociendo el token de administrador mediante el uso de una cadena User-Agent específica. ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and information disclosure vulnerabilities. • http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html http://seclists.org/fulldisclosure/2018/Jan/63 • CWE-613: Insufficient Session Expiration •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15655 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15655
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages. Existen múltiples vulnerabilidades de desbordamiento de búfer en el servidor HTTPd en Asus asuswrt en versiones iguales o anteriores a la 3.0.0.4.376.X. • http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html http://seclists.org/fulldisclosure/2018/Jan/63 http://sploit.tech/2018/01/16/ASUS-part-I.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15656 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15656
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. Las contraseñas se almacenan en texto plano en nvram en el servidor HTTPd en todas las versiones actuales (iguales o anteriores a la 3.0.0.4.380.7743) de Asus asuswrt. ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and information disclosure vulnerabilities. • http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.html http://seclists.org/fulldisclosure/2018/Jan/63 • CWE-522: Insufficiently Protected Credentials •