5 results (0.010 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors. Vulnerabilidad Cross-Site Request Forgery (CSRF) en WL-330NUL con firmware en versiones anteriores a la 3.0.0.46 permite a atacantes remotos secuestrar la autenticación de los administradores utilizando vectores no especificados. • http://jvn.jp/en/jp/JVN71329812/index.html https://www.asus.com/us/Networking/WL330NUL/HelpDesk_BIOS • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN89965717/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000195 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0

ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos ejecutar comandos arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN34489380/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000193 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a denial of service via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • http://jvn.jp/en/jp/JVN85359294/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000194 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos descubrir la frase de contraseña WPA2-PSK a través de vectores no especificados. • http://jvn.jp/en/jp/JVN69462495/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 http://www.asus.com/jp/News/FX04LE8HN0qBoqFI • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •