Vulnerabilites related to asus - rt-ac66r
cve-2018-20333
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
| ▼ | URL | Tags |
|---|---|---|
| https://starlabs.sg/advisories/18-20333/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:19.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/18-20333/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T00:11:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://starlabs.sg/advisories/18-20333/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://starlabs.sg/advisories/18-20333/",
"refsource": "MISC",
"url": "https://starlabs.sg/advisories/18-20333/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20333",
"datePublished": "2020-03-20T00:11:15",
"dateReserved": "2018-12-21T00:00:00",
"dateUpdated": "2024-08-05T11:58:19.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43702
Vulnerability from cvelistv5
Published
2022-07-05 11:50
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-05T11:50:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-43702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
"refsource": "MISC",
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
"refsource": "MISC",
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43702",
"datePublished": "2022-07-05T11:50:03",
"dateReserved": "2021-11-15T00:00:00",
"dateUpdated": "2024-08-04T04:03:08.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-20335
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://starlabs.sg/advisories/18-20335/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:18.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/18-20335/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T00:11:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://starlabs.sg/advisories/18-20335/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://starlabs.sg/advisories/18-20335/",
"refsource": "MISC",
"url": "https://starlabs.sg/advisories/18-20335/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20335",
"datePublished": "2020-03-20T00:11:09",
"dateReserved": "2018-12-21T00:00:00",
"dateUpdated": "2024-08-05T11:58:18.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-20334
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
References
| ▼ | URL | Tags |
|---|---|---|
| https://starlabs.sg/advisories/18-20334/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:18.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/18-20334/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T00:11:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://starlabs.sg/advisories/18-20334/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://starlabs.sg/advisories/18-20334/",
"refsource": "MISC",
"url": "https://starlabs.sg/advisories/18-20334/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20334",
"datePublished": "2020-03-20T00:11:06",
"dateReserved": "2018-12-21T00:00:00",
"dateUpdated": "2024-08-05T11:58:18.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2718
Vulnerability from cvelistv5
Published
2014-11-04 22:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2014/Oct/122 | mailing-list, x_refsource_FULLDISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/98316 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html | x_refsource_MISC | |
| https://support.t-mobile.com/docs/DOC-21994 | x_refsource_CONFIRM | |
| http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/70791 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:36.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"name": "asus-cve20142718-mitm(98316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"name": "70791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"name": "asus-cve20142718-mitm(98316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"name": "70791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"name": "asus-cve20142718-mitm(98316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"name": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"name": "https://support.t-mobile.com/docs/DOC-21994",
"refsource": "CONFIRM",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"name": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html",
"refsource": "MISC",
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"name": "70791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2718",
"datePublished": "2014-11-04T22:00:00",
"dateReserved": "2014-04-01T00:00:00",
"dateUpdated": "2024-08-06T10:21:36.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2014-11-04 22:55
Modified
2024-11-21 02:06
Severity ?
Summary
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*",
"matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B65300BF-25AB-4130-A6D3-27E673B47630",
"versionEndIncluding": "3.0.0.4.374.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F78791C6-23A8-41B6-A886-59A593165B8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0863AD7-F290-4201-BDD9-497C82517C75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "106D80BC-400A-4996-8A4E-68D3F24B200F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA91183-BE7D-4055-8707-1B11368D4435",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E2864C-6D9B-4D00-AB6A-82248DD82210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45140849-3F44-4866-850D-195B393F2849",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42BBB86A-961B-4529-8B74-CF6889156AB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F88197-8E64-468C-8F36-281ED8E3716A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image."
},
{
"lang": "es",
"value": "Los routers ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, y posiblemente otros de la serie RT anterior a firmware 3.0.0.4.376.x no verifica la integridad de (1) informaci\u00f3n de actualizaciones o (2) actualizaciones de descargas del firmware, lo que permite a atacantes man-in-the-middle (MITM) ejecutar c\u00f3digo arbitrario a trav\u00e9s de un imagen manipulado."
}
],
"id": "CVE-2014-2718",
"lastModified": "2024-11-21T02:06:49.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-11-04T22:55:06.417",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/70791"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"source": "cve@mitre.org",
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/128904/ASUS-Router-Man-In-The-Middle.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.t-mobile.com/docs/DOC-21994"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://starlabs.sg/advisories/18-20334/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20334/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | asuswrt | 3.0.0.4.384.20308 | |
| asus | gt-ac2900 | - | |
| asus | gt-ac5300 | - | |
| asus | gt-ax11000 | - | |
| asus | rt-ac1200 | - | |
| asus | rt-ac1200_v2 | - | |
| asus | rt-ac1200g | - | |
| asus | rt-ac1200ge | - | |
| asus | rt-ac1750 | - | |
| asus | rt-ac1750_b1 | - | |
| asus | rt-ac1900p | - | |
| asus | rt-ac3100 | - | |
| asus | rt-ac3200 | - | |
| asus | rt-ac51u | - | |
| asus | rt-ac5300 | - | |
| asus | rt-ac55u | - | |
| asus | rt-ac56r | - | |
| asus | rt-ac56s | - | |
| asus | rt-ac56u | - | |
| asus | rt-ac66r | - | |
| asus | rt-ac66u | - | |
| asus | rt-ac66u-b1 | - | |
| asus | rt-ac66u_b1 | - | |
| asus | rt-ac68p | - | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u | - | |
| asus | rt-ac87u | - | |
| asus | rt-ac88u | - | |
| asus | rt-acrh12 | - | |
| asus | rt-acrh13 | - | |
| asus | rt-ax3000 | - | |
| asus | rt-ax56u | - | |
| asus | rt-ax58u | - | |
| asus | rt-ax88u | - | |
| asus | rt-ax92u | - | |
| asus | rt-g32 | - | |
| asus | rt-n10\+d1 | - | |
| asus | rt-n10e | - | |
| asus | rt-n14u | - | |
| asus | rt-n16 | - | |
| asus | rt-n19 | - | |
| asus | rt-n56r | - | |
| asus | rt-n56u | - | |
| asus | rt-n600 | - | |
| asus | rt-n65u | - | |
| asus | rt-n66r | - | |
| asus | rt-n66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Al procesar los datos POST del archivo /start_apply.htm, se presenta un problema de inyecci\u00f3n de comandos por medio de metacaracteres de shell en el par\u00e1metro fb_email. Al usar este problema, un atacante puede controlar el enrutador y conseguir la shell."
}
],
"id": "CVE-2018-20334",
"lastModified": "2024-11-21T04:01:15.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-20T01:15:22.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20334/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20334/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://starlabs.sg/advisories/18-20335/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20335/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | asuswrt | 3.0.0.4.384.20308 | |
| asus | gt-ac2900 | - | |
| asus | gt-ac5300 | - | |
| asus | gt-ax11000 | - | |
| asus | rt-ac1200 | - | |
| asus | rt-ac1200_v2 | - | |
| asus | rt-ac1200g | - | |
| asus | rt-ac1200ge | - | |
| asus | rt-ac1750 | - | |
| asus | rt-ac1750_b1 | - | |
| asus | rt-ac1900p | - | |
| asus | rt-ac3100 | - | |
| asus | rt-ac3200 | - | |
| asus | rt-ac51u | - | |
| asus | rt-ac5300 | - | |
| asus | rt-ac55u | - | |
| asus | rt-ac56r | - | |
| asus | rt-ac56s | - | |
| asus | rt-ac56u | - | |
| asus | rt-ac66r | - | |
| asus | rt-ac66u | - | |
| asus | rt-ac66u-b1 | - | |
| asus | rt-ac66u_b1 | - | |
| asus | rt-ac68p | - | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u | - | |
| asus | rt-ac87u | - | |
| asus | rt-ac88u | - | |
| asus | rt-acrh12 | - | |
| asus | rt-acrh13 | - | |
| asus | rt-ax3000 | - | |
| asus | rt-ax56u | - | |
| asus | rt-ax58u | - | |
| asus | rt-ax88u | - | |
| asus | rt-ax92u | - | |
| asus | rt-g32 | - | |
| asus | rt-n10\+d1 | - | |
| asus | rt-n10e | - | |
| asus | rt-n14u | - | |
| asus | rt-n16 | - | |
| asus | rt-n19 | - | |
| asus | rt-n56r | - | |
| asus | rt-n56u | - | |
| asus | rt-n600 | - | |
| asus | rt-n65u | - | |
| asus | rt-n66r | - | |
| asus | rt-n66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Un usuario no autenticado puede desencadenar una DoS del servicio httpd por medio del URI /APP_Installation.asp?=."
}
],
"id": "CVE-2018-20335",
"lastModified": "2024-11-21T04:01:15.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-20T01:15:22.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20335/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20335/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-05 12:15
Modified
2024-11-21 06:29
Severity ?
Summary
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/ | Product, Vendor Advisory | |
| cve@mitre.org | https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/ | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xd4s_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDAEEC5-E6E8-457E-8432-FD39D65BDEDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xd4s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3B20AB-5861-4E5F-B59E-F12D587D2AEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xt9_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "569711EA-9CBA-4B97-BC4C-B13C93DBB70F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xt9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "971A3BA4-5093-4B17-BEE6-039B12E3183E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xd5_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "46EC6E99-DE45-492E-8BC8-8D39018B07AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xd5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD83FAE-D0F5-4C4B-B731-A7E28AB38581",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_pro_et12_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "757EEF1F-E574-477F-A2CA-B8B69080EA30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_pro_et12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "126C4415-18E9-4989-88BE-BB46AD0BE096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi__pro_xt12_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D186B98E-4255-4D8D-BDDF-D14BD447FA32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi__pro_xt12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B77BF29C-750A-4305-89BA-D4889875D888",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ax_hybrid_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F0790420-3761-420D-B2ED-BD8D1B38A141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ax_hybrid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5CCBC4-423E-4C96-AF4A-1104ECA2E17B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_et8_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3F13E-1E01-4B29-B135-F279F802C2AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_et8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D08073-95DA-426F-94DD-3F820180CC1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_xd6_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "106EA3E7-532A-40EB-A138-1C4214956278",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_xd6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEAB3EB-28B7-4FB8-9ECA-3A671B51A776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ac_mini_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "55D8268F-E64E-4856-9443-0246941DA712",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ac_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "684A13D8-D0BA-499C-B3E3-E075BE05EABA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ax_mini_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "B51D8BA5-6047-4EDB-B642-2068941066F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ax_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2B95883-48B9-4182-A721-8EDBF844C480",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ax_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7E460687-9C49-40AC-8107-969820F90C51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54F3A1C0-2616-4E64-9704-78922DF22477",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:zenwifi_ac_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "662CCFEE-DC9F-450D-BDC8-B185E9CD2DB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:zenwifi_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09478D87-D059-4C9B-83BB-22D55CFC9DB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "960791C1-B456-4DA8-B606-0988977DCE69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "25287F79-2607-402F-879C-920360FAFA76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7D226F86-D73A-482A-ABBD-48FDB755D137",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax89x_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9DE7A3-F8B0-4785-ACAE-165F304BFF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax89x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F98D091B-BE82-4ED0-BA8F-DECF15A9D119",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax92u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B5A898-D537-4E75-AB7A-B8311F1DF94D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax86u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "84A5D3AF-D0F6-4B91-9B66-38215156F733",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB28700C-02EB-46D0-9BAD-833CE4790264",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax68u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "2C03B276-5913-4EF3-9EE6-2FEA71998FAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7D226F86-D73A-482A-ABBD-48FDB755D137",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax3000_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "A15CDE16-255C-4A40-94A7-95C788FB2BE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax58u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBE622D-B408-44B2-B7C6-24D57539FB9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax55_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "1A169487-AD9E-4F63-87EB-673B0341B890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3B2034-A825-4EE4-926F-7D871B6F9A35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "34BF10C4-7822-42F6-B114-87C5EB78BFA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "609655F3-B9AE-4075-A351-9B36195541AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rog_rapture_gt-ac5300_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F1C8AB-0A44-454A-9149-86559022F42E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rog_rapture_gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06FA8797-3675-479A-AFBB-AC4F25B439CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rog_rapture_gt-ax11000_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "ED377F42-5880-487E-A942-EC9B109CB69D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rog_rapture_gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "990862C8-4B83-4C35-88E2-91186E52C6D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rog_rapture_gt-ac2900_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C9153836-7577-44AE-ACD1-DC8991A77D28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rog_rapture_gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9DBAB2-B19E-44DC-AAB8-964E3552D6FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1300uhp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8FFBE7-4B92-488A-915B-1C5598D81FD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1300uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54B97C8-B312-4A17-BBF1-7381D28912B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1300g\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1E8C93-1633-4118-85FA-120B962AE214",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1300g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECDCBA1-4198-40C0-B9D7-170BC2AB8261",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:tuf_gaming_ax5400_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0D790FA3-E1B3-46CE-BB52-611CC4CF91A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:tuf_gaming_ax5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E77AB7A-918A-4337-A757-CD1083CCCDF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:tuf_gaming_ax3000_v2_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7497F325-BD79-432B-82E0-628CA7E51CA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:tuf_gaming_ax3000_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B78882B-11A8-46D9-A425-1ACAE6EF7CDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "E1864563-DEBF-412B-8763-58161F6D309D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac5300_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEA8F8C-0A72-42C9-A456-A9A4CACD2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200g_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBF2427-0F6A-461B-8B03-D23A6C3BF404",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200hp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "850E8DCA-6B59-4F03-97B8-0A332B025987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37EA4BB5-7F63-4CD5-9F66-7EC0BB901FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200g\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2F3B5D-C56E-4391-A71B-C1B58E308FBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0A7BAC-63CD-4758-9463-211574486A45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200e_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "458E3EB7-EF12-43BD-8956-9E892C886AAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28248D9F-07A8-4FBF-818D-B76DB38854FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1200gu_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "52D88F76-7B33-4B37-B057-D1B7F7A8D363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1200gu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1CC84A-95E3-4F28-B831-040619426244",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac3100_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "2915225A-086C-4585-BF59-D6E075C78197",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac58u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "5E50CFD0-2B4C-4D77-9A32-03D0474D91E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50D22A86-7CA0-49EC-8B1D-47D6B7E8E15F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac88u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "8C33813E-EA85-4F4E-9FE7-997267884BB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac56u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "775AB1CB-F843-4262-AB43-BC13AA298CEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac56r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C72E066D-30CB-49E9-8C10-7C4C453E2813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac56s_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCD73E0-9220-49F9-AA7B-B2AF132051CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac3200_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "3303372F-E52E-4756-B205-773B77DCC24B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac55u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "8F75EF51-9844-4D74-884A-7C04AFF6C310",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2900_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C9E5F6-5402-427C-A85F-D82B0D4E1DF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2640D39-F0C3-49AA-87D1-F423150FDF2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac55uhp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAA43C6-2DBA-4ADF-8773-9C25A0DDEE9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac55uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69102D-EF9E-4E84-B9FA-9049F7816E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2600_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC73139-1865-4E6C-9A4F-E4F79B1FE9CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "985B5B75-7936-413C-A4DD-608E1378718A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac53_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "116B31F2-6DCD-4342-BE0C-7FCADEBBAF87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09FFA25-CEE0-4529-A4F3-A93D23CB26F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2400_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "3926212A-CA52-48FD-BE4D-A1B656BCF133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56484DE8-0DBE-40E5-A652-8438CD1EF9A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "6845A682-26C6-4E80-B0F4-B400B1EB7AC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac52u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "959BF67B-D5CF-4E55-981F-56149DCCC927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac2200_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F84B7-B8D0-4A7D-ACE4-EBA4FDADF85E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0ADA8C-58FE-4EDD-B979-FF02639A79A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac51u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C1525164-721B-4A5D-8BC1-036CEF01AA72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac51u\\+_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "4E3F816D-560D-4B7F-8CC0-CED83EB6C45B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac51u\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A56B3D13-D0A5-482C-9E40-173EF23DA849",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac87u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "958A0324-8CEE-433D-9E10-FBFFF83B5D2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac87r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BD3267-CA06-4AF0-838C-6022242B0A9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac87r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34D91D22-049E-46BB-A85D-D9FDD81BCAB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-acrh17_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "049ACFBB-76CE-450F-8F33-5C5CAE3FCF36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-acrh17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137B2237-4581-4894-A36A-DE49C96CB80F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E1E2F-BDFF-43CB-ACED-90386148F25E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-acrh13_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F2C90-9924-4A5B-B480-9359D65D4997",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac85u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C28ADB3C-23C9-463C-9005-4641B3D54817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac85u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40933EE3-E7D1-438E-B551-892D20042593",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D653C25C-CE16-4CFA-9D14-790D95B9E3A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "90714873-F25D-498F-B4B8-09F0BD3810E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66w_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "549EF224-94AE-4226-88D2-DB70671B5EFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB181BD-4C90-44F4-9E43-1230C2455243",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n66c1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6EA4E6-F589-43A1-BB57-995F8A79CBA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n66c1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B08A821-2DDD-4B4E-991D-7A683073D3F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac85p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "822329E4-C623-444A-84D1-0B729E0D82C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac85p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D268AD1-5F24-46CE-8E23-B24ECE6D049A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n18u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "A2284A76-5377-42B1-A7FB-21718E3623B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n18u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB744DE5-64DB-4EFF-A23C-EE9BB57A36C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac65p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "08853311-7B1D-475E-BF65-4C833DE6B865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac65p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9BA5F5-E43D-4187-9BED-4A71BA4E4974",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n19_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "006A39FA-D10A-47DB-8EA8-1F7735CDE42B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac57u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "D118329C-B834-4D68-8A11-46771DC2EA7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac57u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F42D43F-C52B-4809-9E08-5F908DF0E67D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n14uhp_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "06E53E35-1576-470B-9CBB-9D59B9332A7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n14uhp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76A8DF-A914-4700-8EE2-29CD4205F4B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6A2CA4-91BB-4500-8733-9205E7FFB3D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "97254DEB-10C1-4020-8E7A-E2088A774DB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2F0504-2FB5-4983-BD98-8080D4BF49DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA9DBF2-5A51-47D3-A428-6E20D8472EAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68w_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "264E599A-8E85-43B7-90AF-B6CE6441B992",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB2F5A0-ADD6-4725-8B27-F10B5F4CEC6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac68uf_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "4D207FED-F8B3-4330-B79C-CA28485B6B41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac68uf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85422660-7559-4ED0-8ED3-DF928C50FD4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12e_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "0921E20F-8495-4543-B202-A362E8ADB8F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12e_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "992A3E02-BBC4-4738-AF26-5278E31F1F08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12e_c1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9E35F7-FAD2-4941-98C7-2AE5FCC0881A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12e_c1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D17BCFEC-0436-48F0-BE18-3A2018D0A5C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac65u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CC243-6267-4AB0-824E-96FE4C21284B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75F69BB5-8269-4E72-9BDE-60964F833C99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12hp_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D4E0FF-1E2C-4576-B5AB-B9A1ABECDF9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12hp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2DDFE-344F-4A69-B347-0A29512EE5BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "109295F0-5525-449A-991C-18004AAEFCB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E715D86-A7FC-415E-8C13-1ACAF9C49C3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12vp_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "E69AA872-568F-4F6D-9715-1ED1A4E2C8D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12vp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB81E20-E712-4F44-832C-8A7503316164",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900p_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "B344B5B3-D690-4639-815C-62B6024D5B56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1900u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "C38788F7-3288-47B3-8793-98E16D7D758A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1900u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E285091-0B5F-43AE-A59C-4D3439E77053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12\\+_b1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "83A102DA-FA2E-4F02-890B-1BAA599A16FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12\\+_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C77F3227-992F-4F53-86CC-DDD842B6C6C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "78B5BD13-0EA3-465A-BF46-21A242CF6977",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-n12d1_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "394D1205-366E-4F95-9D84-F083F61B24CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n12d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E99301-3EC0-4E09-AB00-A0AB1AC0AA97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac1750_b1__firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD5E72B-CF7A-4EAB-9F4C-64BE953029F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D10D10-1F57-4157-89BD-A711D3024B10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:4g-ac53u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBED666-37F7-49B4-BBDB-7999FC82AF12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:4g-ac53u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3381A1-5169-4DA9-BC6F-8FDBD7090FC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "18ED9E0E-2E5A-4FB0-86A8-E452D385F8B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66r_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "41A6A080-7612-4AF2-AF1E-339E00B9A889",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:rt-ac66w_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4ECE7F-6173-4637-85DF-7B44EA41FFA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-ac66w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D988AC4-60B7-4388-8589-A04CACC2CB31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:4g-ac68u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*",
"matchCriteriaId": "5250DC13-AC0E-4E95-9450-AAF420E5E2C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:4g-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46317EAB-C1A9-4811-9DB4-767A58E92A3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
},
{
"lang": "es",
"value": "ASUS RT-A88U versi\u00f3n 3.0.0.4.386_45898 es vulnerable a un ataque de tipo Cross Site Scripting (XSS).\u0026#xa0;El panel de administraci\u00f3n del enrutador ASUS no desinfecta los registros de WiFI correctamente, si un atacante pudiera cambiar el SSID del enrutador con una carga \u00fatil personalizada, podr\u00eda obtener XSS almacenado en el dispositivo"
}
],
"id": "CVE-2021-43702",
"lastModified": "2024-11-21T06:29:39.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-05T12:15:07.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://starlabs.sg/advisories/18-20333/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20333/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asus | asuswrt | 3.0.0.4.384.20308 | |
| asus | gt-ac2900 | - | |
| asus | gt-ac5300 | - | |
| asus | gt-ax11000 | - | |
| asus | rt-ac1200 | - | |
| asus | rt-ac1200_v2 | - | |
| asus | rt-ac1200g | - | |
| asus | rt-ac1200ge | - | |
| asus | rt-ac1750 | - | |
| asus | rt-ac1750_b1 | - | |
| asus | rt-ac1900p | - | |
| asus | rt-ac3100 | - | |
| asus | rt-ac3200 | - | |
| asus | rt-ac51u | - | |
| asus | rt-ac5300 | - | |
| asus | rt-ac55u | - | |
| asus | rt-ac56r | - | |
| asus | rt-ac56s | - | |
| asus | rt-ac56u | - | |
| asus | rt-ac66r | - | |
| asus | rt-ac66u | - | |
| asus | rt-ac66u-b1 | - | |
| asus | rt-ac66u_b1 | - | |
| asus | rt-ac68p | - | |
| asus | rt-ac68u | - | |
| asus | rt-ac86u | - | |
| asus | rt-ac87u | - | |
| asus | rt-ac88u | - | |
| asus | rt-acrh12 | - | |
| asus | rt-acrh13 | - | |
| asus | rt-ax3000 | - | |
| asus | rt-ax56u | - | |
| asus | rt-ax58u | - | |
| asus | rt-ax88u | - | |
| asus | rt-ax92u | - | |
| asus | rt-g32 | - | |
| asus | rt-n10\+d1 | - | |
| asus | rt-n10e | - | |
| asus | rt-n14u | - | |
| asus | rt-n16 | - | |
| asus | rt-n19 | - | |
| asus | rt-n56r | - | |
| asus | rt-n56u | - | |
| asus | rt-n600 | - | |
| asus | rt-n65u | - | |
| asus | rt-n66r | - | |
| asus | rt-n66u | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D747097-702E-4046-9723-01A586336534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*",
"matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Un usuario no autenticado puede solicitar el archivo /update_applist.asp para visualizar si un dispositivo USB se encuentra adjunto al enrutador y si hay aplicaciones instaladas en el enrutador."
}
],
"id": "CVE-2018-20333",
"lastModified": "2024-11-21T04:01:15.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-20T01:15:22.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20333/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://starlabs.sg/advisories/18-20333/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201403-0712
Vulnerability from variot
ASUS (ASUS) is the largest hardware manufacturer in Taiwan. A variety of ASUS router products (firmware version 3.0.0.4.374.x) failed to properly restrict access to the file /smb.xml after enabling the AiCloud web service, and an attacker could exploit the vulnerability to leak sensitive information. Multiple ASUS Routers are prone to an authentication-bypass vulnerability. An attacker could leverage this issue to bypass the authentication mechanism and obtain sensitive information. The following products running firmware version 3.0.0.4.374.x are vulnerable: RT-AC68U Dual-band Wireless-AC1900 Gigabit Router RT-AC66R Dual-Band Wireless-AC1750 Gigabit Router RT-AC66U Dual-Band Wireless-AC1750 Gigabit Router RT-N66R Dual-Band Wireless-N900 Gigabit Router RT-N66U Dual-Band Wireless-N900 Gigabit Router RT-AC56U Dual-Band Wireless-AC1200 Gigabit Router RT-N56R Dual-Band Wireless-AC1200 Gigabit Router RT-N56U Dual-Band Wireless-AC1200 Gigabit Router RT-N14U Wireless-N300 Cloud Router RT-N14UHP Wireless-N300 Cloud Router RT-N16 Wireless-N300 Gigabit Router RT-N16R Wireless-N300 Gigabit Router
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0712",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-ac56u router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n14u router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n16 router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n56r router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n66r router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-ac66r router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-ac68u router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n14uhp router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n16r router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n56u wireless router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n66u router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-ac66u router",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n66u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n66r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n56u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n56r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n16r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n16",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n14uhp",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n14u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac68u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac66u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac66r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac56u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"db": "BID",
"id": "65861"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kyle Lovett",
"sources": [
{
"db": "BID",
"id": "65861"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01390",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2014-01390",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS (ASUS) is the largest hardware manufacturer in Taiwan. A variety of ASUS router products (firmware version 3.0.0.4.374.x) failed to properly restrict access to the file /smb.xml after enabling the AiCloud web service, and an attacker could exploit the vulnerability to leak sensitive information. Multiple ASUS Routers are prone to an authentication-bypass vulnerability. \nAn attacker could leverage this issue to bypass the authentication mechanism and obtain sensitive information. \nThe following products running firmware version 3.0.0.4.374.x are vulnerable:\nRT-AC68U Dual-band Wireless-AC1900 Gigabit Router\nRT-AC66R Dual-Band Wireless-AC1750 Gigabit Router\nRT-AC66U Dual-Band Wireless-AC1750 Gigabit Router\nRT-N66R Dual-Band Wireless-N900 Gigabit Router\nRT-N66U Dual-Band Wireless-N900 Gigabit Router\nRT-AC56U Dual-Band Wireless-AC1200 Gigabit Router\nRT-N56R Dual-Band Wireless-AC1200 Gigabit Router\nRT-N56U Dual-Band Wireless-AC1200 Gigabit Router\nRT-N14U Wireless-N300 Cloud Router\nRT-N14UHP Wireless-N300 Cloud Router\nRT-N16 Wireless-N300 Gigabit Router\nRT-N16R Wireless-N300 Gigabit Router",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"db": "BID",
"id": "65861"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "65861",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "56905",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2014-01390",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"db": "BID",
"id": "65861"
}
]
},
"id": "VAR-201403-0712",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
}
],
"trust": 1.411373705909091
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
}
]
},
"last_update_date": "2022-05-17T01:51:10.409000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for multiple ASUS routers \u0027smb.xml\u0027 authentication bypass vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43991"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56905/"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-02/0032.html"
},
{
"trust": 0.3,
"url": "http://www.asus.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"db": "BID",
"id": "65861"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"db": "BID",
"id": "65861"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"date": "2014-02-08T00:00:00",
"db": "BID",
"id": "65861"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01390"
},
{
"date": "2014-02-08T00:00:00",
"db": "BID",
"id": "65861"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "65861"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple ASUS Router \u0027smb.xml\u0027 Authentication Bypass Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01390"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "65861"
}
],
"trust": 0.3
}
}
var-202207-0160
Vulnerability from variot
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device. ASUS RT-A88U is a wireless router from ASUS (ASUS) in Taiwan
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0160",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zenwifi xd4s",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ac mini",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac58u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax86u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac87u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-acrh13",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12vp b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2400",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi pro et12",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac5300",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12e c1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac55u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68uf",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi xd6",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1300g\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2200",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66u\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac56s",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax82u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1300uhp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12hp b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac85u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200g",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "tuf gaming ax3000 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac55uhp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1750 b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n14uhp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac3100",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi pro xt12",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac51u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi et8",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax92u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66w",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax68u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax58u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax55",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac3200",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi xt9",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rog rapture gt-ac5300",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1750",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax3000",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rog rapture gt-ax11000",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac56u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax89x",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi xd5",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ax hybrid",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac52u b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1900",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12\\+ b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200g\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66w",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ax mini",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200e",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2900",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac53",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac85p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n19",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68w",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200gu",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax56u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac51u\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax88u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12d1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac65p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1900u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ax",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "4g-ac68u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ac",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac57u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n18u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac86u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac65u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66u b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "4g-ac53u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2600",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac87r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-acrh17",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "tuf gaming ax5400",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12e b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rog rapture gt-ac2900",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200hp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1900p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac56r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac88u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66c1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-a88u 3.0.0.4.386 45898",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"cve": "CVE-2021-43702",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-43702",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2022-58229",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.3,
"id": "CVE-2021-43702",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-43702",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-58229",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-389",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-43702",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device. ASUS RT-A88U is a wireless router from ASUS (ASUS) in Taiwan",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-43702"
},
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-43702",
"trust": 2.3
},
{
"db": "CNVD",
"id": "CNVD-2022-58229",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-43702",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"id": "VAR-202207-0160",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
}
],
"trust": 1.2372652696875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
}
]
},
"last_update_date": "2024-08-14T15:27:14.485000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for ASUS RT-A88U Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/345646"
},
{
"title": "ASUS RT-A88U Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=200692"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
},
{
"trust": 1.7,
"url": "https://www.asus.com/uk/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ac88u/"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-43702/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"date": "2022-07-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"date": "2022-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"date": "2022-07-05T12:15:07.830000",
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"date": "2022-07-18T00:00:00",
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"date": "2022-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"date": "2022-07-18T15:27:57.557000",
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-A88U Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
],
"trust": 0.6
}
}
var-201411-0483
Vulnerability from variot
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. Supplementary information : CWE Vulnerability type by CWE-345: Insufficient Verification of Data Authenticity ( Inadequate verification of data reliability ) Has been identified. ASUS RT-Series Wireless Routers is a wireless router device. There is a middleman security bypass vulnerability in ASUS RT Series Wireless Routers. An attacker can exploit a vulnerability to bypass certain restrictions and obtain sensitive information. The following products are affected: ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. In short, the router downloads via clear-text a file from http://dlcdnet.asus.com, parses it to determine the latest firmware version, then downloads (again in the clear) a binary file matching that version number from the same web site. No HTTP = no assurance that the site on the other end is the legitimate ASUS web site, and no assurance that the firmware file and version lookup table have not been modified in transit.
In the link below I describe the issue in detail, and demonstrate a proof of concept through which I successfully caused an RT-AC66R to "upgrade" to an older firmware with known vulnerabilities. In concept it should also be possible to deliver a fully custom malicious firmware in the same manner.
This applies to the RT-AC68U, RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. It may also apply to the RT-N53, RT-N14U, RT-N16, and RT-N16R since they use the same firmware base but a different sub-version.
This has been fixed as an undocumented feature of the 376 firmware branch (3.0.0.4.376.x).
Details and POC: http://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html
-- Regards, David Longenecker @dnlongen
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0483",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tm-ac1900",
"scope": "eq",
"trust": 1.6,
"vendor": "t mobile",
"version": "3.0.0.4.376_3169"
},
{
"model": "rt series",
"scope": "lte",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.374.x"
},
{
"model": "rt",
"scope": "lt",
"trust": 0.8,
"vendor": "asustek computer",
"version": "3.0.0.4.376.x"
},
{
"model": "rt-series wireless routers",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
},
{
"model": "rt-n66u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n66r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n56u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n56r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n53",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n16r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n16",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-n14u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac68u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac66u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac66r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac56u",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
},
{
"model": "rt-ac56r",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "BID",
"id": "70791"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:rt_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Longenecker",
"sources": [
{
"db": "BID",
"id": "70791"
},
{
"db": "PACKETSTORM",
"id": "128904"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
}
],
"trust": 1.0
},
"cve": "CVE-2014-2718",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-2718",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-07699",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-70657",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2718",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-2718",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-07699",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-1415",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-70657",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "VULHUB",
"id": "VHN-70657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. Supplementary information : CWE Vulnerability type by CWE-345: Insufficient Verification of Data Authenticity ( Inadequate verification of data reliability ) Has been identified. ASUS RT-Series Wireless Routers is a wireless router device. There is a middleman security bypass vulnerability in ASUS RT Series Wireless Routers. An attacker can exploit a vulnerability to bypass certain restrictions and obtain sensitive information. The following products are affected: ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. In short, the router downloads via clear-text a\nfile from http://dlcdnet.asus.com, parses it to determine the latest\nfirmware version, then downloads (again in the clear) a binary file\nmatching that version number from the same web site. No HTTP = no assurance\nthat the site on the other end is the legitimate ASUS web site, and no\nassurance that the firmware file and version lookup table have not been\nmodified in transit. \n\nIn the link below I describe the issue in detail, and demonstrate a proof\nof concept through which I successfully caused an RT-AC66R to \"upgrade\" to\nan older firmware with known vulnerabilities. In concept it should also be\npossible to deliver a fully custom malicious firmware in the same manner. \n\nThis applies to the RT-AC68U, RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R,\nRT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U. It may also apply to the\nRT-N53, RT-N14U, RT-N16, and RT-N16R since they use the same firmware base\nbut a different sub-version. \n\nThis has been fixed as an undocumented feature of the 376 firmware branch\n(3.0.0.4.376.x). \n\nDetails and POC:\nhttp://dnlongen.blogspot.com/2014/10/CVE-2014-2718-Asus-RT-MITM.html\n\n-- \nRegards,\nDavid Longenecker\n@dnlongen\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2718"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "BID",
"id": "70791"
},
{
"db": "VULHUB",
"id": "VHN-70657"
},
{
"db": "PACKETSTORM",
"id": "128904"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-70657",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70657"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2718",
"trust": 3.5
},
{
"db": "BID",
"id": "70791",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "128904",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-07699",
"trust": 0.6
},
{
"db": "XF",
"id": "98316",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-70657",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "VULHUB",
"id": "VHN-70657"
},
{
"db": "BID",
"id": "70791"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "PACKETSTORM",
"id": "128904"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"id": "VAR-201411-0483",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "VULHUB",
"id": "VHN-70657"
}
],
"trust": 1.3441403886666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
}
]
},
"last_update_date": "2024-11-23T22:52:49.688000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.asus.com/jp/"
},
{
"title": "Cellspot router firmware update information",
"trust": 0.8,
"url": "https://support.t-mobile.com/docs/DOC-21994"
},
{
"title": "ASUS RT Series Wireless Routers patch for middleman security bypass vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/51508"
},
{
"title": "FW_RT_AC68U_30043763715",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54536"
},
{
"title": "FW_RT_AC68U_30043763626",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54537"
},
{
"title": "FW_RT_AC68U_30043761663",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54538"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-345",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://seclists.org/fulldisclosure/2014/oct/122"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/70791"
},
{
"trust": 2.1,
"url": "http://dnlongen.blogspot.com/2014/10/cve-2014-2718-asus-rt-mitm.html"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/128904/asus-router-man-in-the-middle.html"
},
{
"trust": 1.1,
"url": "https://support.t-mobile.com/docs/doc-21994"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98316"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2718"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2718"
},
{
"trust": 0.8,
"url": "http://dnlongen.blogspot.jp/2014/10/cve-2014-2718-asus-rt-mitm.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/98316"
},
{
"trust": 0.3,
"url": "http://www.asus.com/"
},
{
"trust": 0.1,
"url": "http://dlcdnet.asus.com,"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2718"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "VULHUB",
"id": "VHN-70657"
},
{
"db": "BID",
"id": "70791"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "PACKETSTORM",
"id": "128904"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"db": "VULHUB",
"id": "VHN-70657"
},
{
"db": "BID",
"id": "70791"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"db": "PACKETSTORM",
"id": "128904"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"date": "2014-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-70657"
},
{
"date": "2014-10-28T00:00:00",
"db": "BID",
"id": "70791"
},
{
"date": "2014-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"date": "2014-10-29T12:11:11",
"db": "PACKETSTORM",
"id": "128904"
},
{
"date": "2014-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"date": "2014-11-04T22:55:06.417000",
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07699"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-70657"
},
{
"date": "2014-10-28T00:00:00",
"db": "BID",
"id": "70791"
},
{
"date": "2016-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005239"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1415"
},
{
"date": "2024-11-21T02:06:49.693000",
"db": "NVD",
"id": "CVE-2014-2718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1415"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT Series router firmware arbitrary code execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005239"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "70791"
}
],
"trust": 0.3
}
}