18 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to view sensitive information via /etc/shadow. • https://robertchen.cc/blog/2021/03/31/asus-rce • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1

Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the source for COPY and MOVE operations. • https://robertchen.cc/blog/2021/03/31/asus-rce • CWE-706: Use of Incorrectly-Resolved Name or Reference •

CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1

Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations. • https://robertchen.cc/blog/2021/03/31/asus-rce • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS). ASUS AC68U versiones anteriores a 3.0.0.4.385.20852 incluyéndola, está afectado por un desbordamiento de búfer en el archivo blocking.cgi, que puede causar una denegación de servicio (DoS) • http://ac68u.com http://asus.com https://github.com/IBUILI/Asus • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1

Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi. Asus RT-AC68U versiones anteriores a 3.0.0.4.385.20633 y RT-AC5300 versiones anteriores a 3.0.0.4.384.82072, están afectados por un desbordamiento de búfer en el archivo blocking_request.cgi • http://asus.com http://rt-ac68u.com https://github.com/IBUILI/Asus • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •