CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0647
https://notcve.org/view.php?id=CVE-2018-0647
Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors. Vulnerabilidad Cross-Site Request Forgery (CSRF) en WL-330NUL con firmware en versiones anteriores a la 3.0.0.46 permite a atacantes remotos secuestrar la autenticación de los administradores utilizando vectores no especificados. • http://jvn.jp/en/jp/JVN71329812/index.html https://www.asus.com/us/Networking/WL330NUL/HelpDesk_BIOS • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7790
https://notcve.org/view.php?id=CVE-2015-7790
Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN89965717/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000195 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7788
https://notcve.org/view.php?id=CVE-2015-7788
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos ejecutar comandos arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN34489380/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000193 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7789
https://notcve.org/view.php?id=CVE-2015-7789
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a denial of service via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • http://jvn.jp/en/jp/JVN85359294/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000194 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7787
https://notcve.org/view.php?id=CVE-2015-7787
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos descubrir la frase de contraseña WPA2-PSK a través de vectores no especificados. • http://jvn.jp/en/jp/JVN69462495/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •