CVE-2016-6557
The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to cross-site request forgery
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.
En los puntos de acceso ASUS RP-AC52 con versiones de firmware 1.0.1.1s y posiblemente anteriores, la interfaz web no verifica lo suficiente si una petición válida ha sido proporcionada intencionadamente por el usuario. Un atacante puede realizar acciones con los mismos permisos que los del usuario víctima, siempre que la víctima tenga una sesión activa y sea inducida a desencadenar la petición maliciosa.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-08-03 CVE Reserved
- 2018-07-13 CVE Published
- 2023-12-04 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://www.kb.cert.org/vuls/id/763843 | Third Party Advisory | |
https://www.securityfocus.com/bid/93596 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Asus Search vendor "Asus" | Rp-ac52 Firmware Search vendor "Asus" for product "Rp-ac52 Firmware" | <= 1.0.1.1s Search vendor "Asus" for product "Rp-ac52 Firmware" and version " <= 1.0.1.1s" | - |
Affected
| in | Asus Search vendor "Asus" | Rp-ac52 Search vendor "Asus" for product "Rp-ac52" | - | - |
Safe
|
Asus Search vendor "Asus" | Ea-n66 Firmware Search vendor "Asus" for product "Ea-n66 Firmware" | - | - |
Affected
| in | Asus Search vendor "Asus" | Ea-n66 Search vendor "Asus" for product "Ea-n66" | - | - |
Safe
|
Asus Search vendor "Asus" | Rp-n12 Firmware Search vendor "Asus" for product "Rp-n12 Firmware" | - | - |
Affected
| in | Asus Search vendor "Asus" | Rp-n12 Search vendor "Asus" for product "Rp-n12" | - | - |
Safe
|
Asus Search vendor "Asus" | Rp-n14 Firmware Search vendor "Asus" for product "Rp-n14 Firmware" | - | - |
Affected
| in | Asus Search vendor "Asus" | Rp-n14 Search vendor "Asus" for product "Rp-n14" | - | - |
Safe
|
Asus Search vendor "Asus" | Rp-n53 Firmware Search vendor "Asus" for product "Rp-n53 Firmware" | - | - |
Affected
| in | Asus Search vendor "Asus" | Rp-n53 Search vendor "Asus" for product "Rp-n53" | - | - |
Safe
|
Asus Search vendor "Asus" | Rp-ac56 Firmware Search vendor "Asus" for product "Rp-ac56 Firmware" | - | - |
Affected
| in | Asus Search vendor "Asus" | Rp-ac56 Search vendor "Asus" for product "Rp-ac56" | - | - |
Safe
|
Asus Search vendor "Asus" | Wmp-n12 Firmware Search vendor "Asus" for product "Wmp-n12 Firmware" | - | - |
Affected
| in | Asus Search vendor "Asus" | Wmp-n12 Search vendor "Asus" for product "Wmp-n12" | - | - |
Safe
|