CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0CVE-2013-3093
https://notcve.org/view.php?id=CVE-2013-3093
ASUS RT-N56U devices allow CSRF. Los dispositivos ASUS RT-N56U, permiten un ataque de tipo CSRF. • https://www.securityfocus.com/archive/1/531194 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2013-4656
https://notcve.org/view.php?id=CVE-2013-4656
Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service. Una vulnerabilidad de Salto de Enlace Simbólico en ASUS RT-AC66U y RT-N56U debido a una configuración inapropiada en el servicio SMB. • https://www.ise.io/casestudies/exploiting-soho-routers https://www.ise.io/soho_service_hacks https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5632
https://notcve.org/view.php?id=CVE-2017-5632
An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374_979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service (DoS). The attack is only possible from within the local area network. Se ha descubierto un problema en el router wireless ASUS RT-N56U con Firmware 3.0.0.4.374_979. Al ejecutar un comando "nmap -O" que especifica una dirección IP de un dispositivo infectado, se puede derribar la conexión WAN del dispositivo WAN, causando una desconexión de internet, una denegación de servicio (DoS). • http://www.securityfocus.com/bid/95857 https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-7270
https://notcve.org/view.php?id=CVE-2014-7270
Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allows remote attackers to hijack the authentication of arbitrary users. Vulnerabilidad de CSRF en los routers ASUS JAPAN RT-AC87U con firmware 3.0.0.4.378.3754 y anteriores, los routers RT-AC68U con firmware 3.0.0.4.376.3715 y anteriores, los routers RT-AC56S con firmware 3.0.0.4.376.3715 y anteriores, los routers RT-N66U con firmware 3.0.0.4.376.3715 y anteriores, y los routers RT-N56U con firmware 3.0.0.4.376.3715 y anteriores permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios. • http://jvn.jp/en/jp/JVN32631078/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000012 http://www.asus.com/jp/News/PNzPd7vkXtrKWXHR • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2014-7269
https://notcve.org/view.php?id=CVE-2014-7269
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. Los routers ASUS JAPAN RT-AC87U con firmware 3.0.0.4.378.3754 y anteriores, los routers RT-AC68U con firmware 3.0.0.4.376.3715 y anteriores, los routers RT-AC56S con firmware 3.0.0.4.376.3715 y anteriores, lor routers RT-N66U con firmware 3.0.0.4.376.3715 y anteriores, y los routers RT-N56U con firmware 3.0.0.4.376.3715 y anteriores permiten a usuarios remotos autenticados ejecutar comandos OS arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN77792759/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000011 http://www.asus.com/jp/News/PNzPd7vkXtrKWXHR • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •