CVE-2018-20333
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
Se detectó un problema en ASUSWRT versión 3.0.0.4.384.20308. Un usuario no autenticado puede solicitar el archivo /update_applist.asp para visualizar si un dispositivo USB se encuentra adjunto al enrutador y si hay aplicaciones instaladas en el enrutador.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-21 CVE Reserved
- 2020-03-20 CVE Published
- 2024-06-29 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://starlabs.sg/advisories/18-20333 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Gt-ac2900 Search vendor "Asus" for product "Gt-ac2900" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Gt-ac5300 Search vendor "Asus" for product "Gt-ac5300" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Gt-ax11000 Search vendor "Asus" for product "Gt-ax11000" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1200 Search vendor "Asus" for product "Rt-ac1200" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1200 V2 Search vendor "Asus" for product "Rt-ac1200 V2" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1200g Search vendor "Asus" for product "Rt-ac1200g" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1200ge Search vendor "Asus" for product "Rt-ac1200ge" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1750 Search vendor "Asus" for product "Rt-ac1750" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1750 B1 Search vendor "Asus" for product "Rt-ac1750 B1" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac1900p Search vendor "Asus" for product "Rt-ac1900p" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac3100 Search vendor "Asus" for product "Rt-ac3100" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac3200 Search vendor "Asus" for product "Rt-ac3200" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac51u Search vendor "Asus" for product "Rt-ac51u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac5300 Search vendor "Asus" for product "Rt-ac5300" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac55u Search vendor "Asus" for product "Rt-ac55u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac56r Search vendor "Asus" for product "Rt-ac56r" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac56s Search vendor "Asus" for product "Rt-ac56s" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac56u Search vendor "Asus" for product "Rt-ac56u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac66r Search vendor "Asus" for product "Rt-ac66r" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac66u Search vendor "Asus" for product "Rt-ac66u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac66u-b1 Search vendor "Asus" for product "Rt-ac66u-b1" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac66u B1 Search vendor "Asus" for product "Rt-ac66u B1" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac68p Search vendor "Asus" for product "Rt-ac68p" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac68u Search vendor "Asus" for product "Rt-ac68u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac86u Search vendor "Asus" for product "Rt-ac86u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac87u Search vendor "Asus" for product "Rt-ac87u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ac88u Search vendor "Asus" for product "Rt-ac88u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-acrh12 Search vendor "Asus" for product "Rt-acrh12" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-acrh13 Search vendor "Asus" for product "Rt-acrh13" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax3000 Search vendor "Asus" for product "Rt-ax3000" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax56u Search vendor "Asus" for product "Rt-ax56u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax58u Search vendor "Asus" for product "Rt-ax58u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax88u Search vendor "Asus" for product "Rt-ax88u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax92u Search vendor "Asus" for product "Rt-ax92u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-g32 Search vendor "Asus" for product "Rt-g32" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n10\+d1 Search vendor "Asus" for product "Rt-n10\+d1" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n10e Search vendor "Asus" for product "Rt-n10e" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n14u Search vendor "Asus" for product "Rt-n14u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n16 Search vendor "Asus" for product "Rt-n16" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n19 Search vendor "Asus" for product "Rt-n19" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n56r Search vendor "Asus" for product "Rt-n56r" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n56u Search vendor "Asus" for product "Rt-n56u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n600 Search vendor "Asus" for product "Rt-n600" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n65u Search vendor "Asus" for product "Rt-n65u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n66r Search vendor "Asus" for product "Rt-n66r" | - | - |
Safe
|
| Asus Search vendor "Asus" | Asuswrt Search vendor "Asus" for product "Asuswrt" | 3.0.0.4.384.20308 Search vendor "Asus" for product "Asuswrt" and version "3.0.0.4.384.20308" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-n66u Search vendor "Asus" for product "Rt-n66u" | - | - |
Safe
|