CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3093
https://notcve.org/view.php?id=CVE-2009-3093
Unspecified vulnerability on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en el router inalámbrico ASUS WL-500W tiene impacto y vectores de ataque desconocidos, como se ha demostrado con cierto módulo de VulnDisco Pack Professional 8.11. NOTA: A fecha de 03/09/2009 este aviso no cuenta con más información. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36439 http://www.securityfocus.com/bid/36236 •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2009-0656
https://notcve.org/view.php?id=CVE-2009-0656
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user. Asus SmartLogon v1.0.0005 permite a usuarios fisicamente proximos evitar las "funciones de seguridad" mediante la presentacion de una imagen con un punto de vista modificado que coincida con la postura de la imagen autorizada del usuario legitimo almacenada en el equipo, • http://security.bkis.vn/?p=292 http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf http://www.securityfocus.com/archive/1/498997 http://www.securityfocus.com/bid/32700 https://exchange.xforce.ibmcloud.com/vulnerabilities/48962 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 81%CPEs: 2EXPL: 3CVE-2008-1491 – ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-1491
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. Desbordamiento de búfer basado en pila en el Servidor DPC Proxy (DpcProxy.exe) de ASUS Remote Console (también conocida como ARC o ASMB3) 2.0.0.19 y 2.0.0.24, permite a atacantes remotos ejecutar código de su elección mediante una cadena larga al puerto TCP 623. • https://www.exploit-db.com/exploits/5694 https://www.exploit-db.com/exploits/16425 http://aluigi.altervista.org/adv/asuxdpc-adv.txt http://secunia.com/advisories/29402 http://securityreason.com/securityalert/3771 http://www.securityfocus.com/archive/1/489966/100/0/threaded http://www.securityfocus.com/bid/28394 http://www.vupen.com/english/advisories/2008/0982/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3490
https://notcve.org/view.php?id=CVE-2005-3490
Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL. • http://aluigi.altervista.org/adv/asusvsbugs-adv.txt http://marc.info/?l=full-disclosure&m=113096055302614&w=2 http://secunia.com/advisories/17419 http://www.securityfocus.com/bid/15281 •
CVSS: 7.5EPSS: 18%CPEs: 1EXPL: 3CVE-2005-3489 – Asus VideoSecurity Online 3.5 - Web Server Authentication Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-3489
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string. • https://www.exploit-db.com/exploits/26460 http://aluigi.altervista.org/adv/asusvsbugs-adv.txt http://marc.info/?l=full-disclosure&m=113096055302614&w=2 http://secunia.com/advisories/17419 http://www.osvdb.org/20457 http://www.securityfocus.com/bid/15279 http://www.vupen.com/english/advisories/2005/2289 •