// For flags

CVE-2017-14698

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp.

Los routers ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U y DSL-AC750 permiten que atacantes remotos cambien las contraseñas de usuarios arbitrarios mediante el parámetro http_passwd en mod_login.asp.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-09-22 CVE Reserved
  • 2018-01-29 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Asus
Search vendor "Asus"
Dsl-ac51 Firmware
Search vendor "Asus" for product "Dsl-ac51 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-ac51
Search vendor "Asus" for product "Dsl-ac51"
--
Safe
Asus
Search vendor "Asus"
Dsl-ac52u Firmware
Search vendor "Asus" for product "Dsl-ac52u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-ac52u
Search vendor "Asus" for product "Dsl-ac52u"
--
Safe
Asus
Search vendor "Asus"
Dsl-ac55u Firmware
Search vendor "Asus" for product "Dsl-ac55u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-ac55u
Search vendor "Asus" for product "Dsl-ac55u"
--
Safe
Asus
Search vendor "Asus"
Dsl-n55u C1 Firmware
Search vendor "Asus" for product "Dsl-n55u C1 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n55u C1
Search vendor "Asus" for product "Dsl-n55u C1"
--
Safe
Asus
Search vendor "Asus"
Dsl-n55u D1 Firmware
Search vendor "Asus" for product "Dsl-n55u D1 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n55u D1
Search vendor "Asus" for product "Dsl-n55u D1"
--
Safe
Asus
Search vendor "Asus"
Dsl-ac56u Firmware
Search vendor "Asus" for product "Dsl-ac56u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-ac56u
Search vendor "Asus" for product "Dsl-ac56u"
--
Safe
Asus
Search vendor "Asus"
Dsl-n10 C1 Firmware
Search vendor "Asus" for product "Dsl-n10 C1 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n10 C1
Search vendor "Asus" for product "Dsl-n10 C1"
--
Safe
Asus
Search vendor "Asus"
Dsl-n12u C1 Firmware
Search vendor "Asus" for product "Dsl-n12u C1 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n12u C1
Search vendor "Asus" for product "Dsl-n12u C1"
--
Safe
Asus
Search vendor "Asus"
Dsl-n12e C1 Firmware
Search vendor "Asus" for product "Dsl-n12e C1 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n12e C1
Search vendor "Asus" for product "Dsl-n12e C1"
--
Safe
Asus
Search vendor "Asus"
Dsl-n14u Firmware
Search vendor "Asus" for product "Dsl-n14u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n14u
Search vendor "Asus" for product "Dsl-n14u"
--
Safe
Asus
Search vendor "Asus"
Dsl-n14u-b1 Firmware
Search vendor "Asus" for product "Dsl-n14u-b1 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n14u-b1
Search vendor "Asus" for product "Dsl-n14u-b1"
--
Safe
Asus
Search vendor "Asus"
Dsl-n16 Firmware
Search vendor "Asus" for product "Dsl-n16 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n16
Search vendor "Asus" for product "Dsl-n16"
--
Safe
Asus
Search vendor "Asus"
Dsl-n16u Firmware
Search vendor "Asus" for product "Dsl-n16u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n16u
Search vendor "Asus" for product "Dsl-n16u"
--
Safe
Asus
Search vendor "Asus"
Dsl-n17u Firmware
Search vendor "Asus" for product "Dsl-n17u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n17u
Search vendor "Asus" for product "Dsl-n17u"
--
Safe
Asus
Search vendor "Asus"
Dsl-n66u Firmware
Search vendor "Asus" for product "Dsl-n66u Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-n66u
Search vendor "Asus" for product "Dsl-n66u"
--
Safe
Asus
Search vendor "Asus"
Dsl-ac750 Firmware
Search vendor "Asus" for product "Dsl-ac750 Firmware"
--
Affected
in Asus
Search vendor "Asus"
Dsl-ac750
Search vendor "Asus" for product "Dsl-ac750"
--
Safe