CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 1CVE-2022-26376
https://notcve.org/view.php?id=CVE-2022-26376
05 Aug 2022 — A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. Se presenta una vulnerabilidad de corrupción de memoria en la funcionalidad httpd unescape de Asuswrt versiones anteriores a 3.0.0.4.386_48706 y Asuswrt-Merlin New Gen versiones anteriores a 386.7. Una petición HTTP esp... • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 90%CPEs: 1EXPL: 7CVE-2018-5999 – AsusWRT LAN - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-5999
22 Jan 2018 — An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails. Se ha descubierto un problema en versiones anteriores a la 3.0.0.4.384_10007 de AsusWRT. En la función handle_request en router/httpd/httpd.c, el procesamiento de peticiones POST continúa incluso aunque falle la autenticación. AsusWRT Router versions prior to 3.0.0.4.380.7743 suffer from an unauthenticated LAN remote code exe... • https://packetstorm.news/files/id/146102 •
CVSS: 10.0EPSS: 90%CPEs: 1EXPL: 7CVE-2018-6000 – AsusWRT LAN - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-6000
22 Jan 2018 — An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999. Se ha descubierto un problema en versiones anterior... • https://packetstorm.news/files/id/146102 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15653 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15653
16 Jan 2018 — Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string. La validación indebida de la IP del administrador tras iniciar sesión en el servidor HTTPd en todas las versiones actuales (iguales o inferiores a 3.0.0.4.380.7743) de Asus asuswrt permite que un usuario no autorizado ejecute cualquier acción conociend... • https://packetstorm.news/files/id/145921 • CWE-613: Insufficient Session Expiration •
CVSS: 8.3EPSS: 1%CPEs: 1EXPL: 2CVE-2017-15654 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15654
16 Jan 2018 — Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access. Los tokens de sesión altamente predecibles en el servidor HTTPd en todas las versiones actuales (iguales o inferiores a 3.0.0.4.380.7743) de Asus asuswrt permiten obtener acceso administrativo al router. ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and informat... • https://packetstorm.news/files/id/145921 • CWE-330: Use of Insufficiently Random Values •
CVSS: 9.6EPSS: 1%CPEs: 1EXPL: 3CVE-2017-15655 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15655
16 Jan 2018 — Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages. Existen múltiples vulnerabilidades de desbordamiento de búfer en el servidor HTTPd en Asus asuswrt en versi... • https://packetstorm.news/files/id/145921 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15656 – ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-15656
16 Jan 2018 — Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. Las contraseñas se almacenan en texto plano en nvram en el servidor HTTPd en todas las versiones actuales (iguales o anteriores a la 3.0.0.4.380.7743) de Asus asuswrt. ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and information disclosure vulnerabilities. • https://packetstorm.news/files/id/145921 • CWE-522: Insufficiently Protected Credentials •