Vulnerabilites related to asus - rt-ac66u-b1
cve-2018-20333
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
▼ | URL | Tags |
---|---|---|
https://starlabs.sg/advisories/18-20333/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:19.040Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://starlabs.sg/advisories/18-20333/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-20T00:11:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://starlabs.sg/advisories/18-20333/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20333", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://starlabs.sg/advisories/18-20333/", "refsource": "MISC", "url": "https://starlabs.sg/advisories/18-20333/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20333", "datePublished": "2020-03-20T00:11:15", "dateReserved": "2018-12-21T00:00:00", "dateUpdated": "2024-08-05T11:58:19.040Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20335
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
References
▼ | URL | Tags |
---|---|---|
https://starlabs.sg/advisories/18-20335/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:18.948Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://starlabs.sg/advisories/18-20335/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-20T00:11:08", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://starlabs.sg/advisories/18-20335/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20335", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://starlabs.sg/advisories/18-20335/", "refsource": "MISC", "url": "https://starlabs.sg/advisories/18-20335/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20335", "datePublished": "2020-03-20T00:11:09", "dateReserved": "2018-12-21T00:00:00", "dateUpdated": "2024-08-05T11:58:18.948Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20334
Vulnerability from cvelistv5
Published
2020-03-20 00:11
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
References
▼ | URL | Tags |
---|---|---|
https://starlabs.sg/advisories/18-20334/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:18.926Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://starlabs.sg/advisories/18-20334/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-20T00:11:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://starlabs.sg/advisories/18-20334/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20334", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://starlabs.sg/advisories/18-20334/", "refsource": "MISC", "url": "https://starlabs.sg/advisories/18-20334/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20334", "datePublished": "2020-03-20T00:11:06", "dateReserved": "2018-12-21T00:00:00", "dateUpdated": "2024-08-05T11:58:18.926Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://starlabs.sg/advisories/18-20334/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20334/ | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
asus | asuswrt | 3.0.0.4.384.20308 | |
asus | gt-ac2900 | - | |
asus | gt-ac5300 | - | |
asus | gt-ax11000 | - | |
asus | rt-ac1200 | - | |
asus | rt-ac1200_v2 | - | |
asus | rt-ac1200g | - | |
asus | rt-ac1200ge | - | |
asus | rt-ac1750 | - | |
asus | rt-ac1750_b1 | - | |
asus | rt-ac1900p | - | |
asus | rt-ac3100 | - | |
asus | rt-ac3200 | - | |
asus | rt-ac51u | - | |
asus | rt-ac5300 | - | |
asus | rt-ac55u | - | |
asus | rt-ac56r | - | |
asus | rt-ac56s | - | |
asus | rt-ac56u | - | |
asus | rt-ac66r | - | |
asus | rt-ac66u | - | |
asus | rt-ac66u-b1 | - | |
asus | rt-ac66u_b1 | - | |
asus | rt-ac68p | - | |
asus | rt-ac68u | - | |
asus | rt-ac86u | - | |
asus | rt-ac87u | - | |
asus | rt-ac88u | - | |
asus | rt-acrh12 | - | |
asus | rt-acrh13 | - | |
asus | rt-ax3000 | - | |
asus | rt-ax56u | - | |
asus | rt-ax58u | - | |
asus | rt-ax88u | - | |
asus | rt-ax92u | - | |
asus | rt-g32 | - | |
asus | rt-n10\+d1 | - | |
asus | rt-n10e | - | |
asus | rt-n14u | - | |
asus | rt-n16 | - | |
asus | rt-n19 | - | |
asus | rt-n56r | - | |
asus | rt-n56u | - | |
asus | rt-n600 | - | |
asus | rt-n65u | - | |
asus | rt-n66r | - | |
asus | rt-n66u | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*", "matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*", "matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*", "matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*", "matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*", "matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*", "matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*", "matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*", "matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*", "matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*", "matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*", "matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*", "matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*", "matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*", "matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*", "matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*", "matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell." }, { "lang": "es", "value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Al procesar los datos POST del archivo /start_apply.htm, se presenta un problema de inyecci\u00f3n de comandos por medio de metacaracteres de shell en el par\u00e1metro fb_email. Al usar este problema, un atacante puede controlar el enrutador y conseguir la shell." } ], "id": "CVE-2018-20334", "lastModified": "2024-11-21T04:01:15.487", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-03-20T01:15:22.357", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://starlabs.sg/advisories/18-20334/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://starlabs.sg/advisories/18-20334/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://starlabs.sg/advisories/18-20335/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20335/ | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
asus | asuswrt | 3.0.0.4.384.20308 | |
asus | gt-ac2900 | - | |
asus | gt-ac5300 | - | |
asus | gt-ax11000 | - | |
asus | rt-ac1200 | - | |
asus | rt-ac1200_v2 | - | |
asus | rt-ac1200g | - | |
asus | rt-ac1200ge | - | |
asus | rt-ac1750 | - | |
asus | rt-ac1750_b1 | - | |
asus | rt-ac1900p | - | |
asus | rt-ac3100 | - | |
asus | rt-ac3200 | - | |
asus | rt-ac51u | - | |
asus | rt-ac5300 | - | |
asus | rt-ac55u | - | |
asus | rt-ac56r | - | |
asus | rt-ac56s | - | |
asus | rt-ac56u | - | |
asus | rt-ac66r | - | |
asus | rt-ac66u | - | |
asus | rt-ac66u-b1 | - | |
asus | rt-ac66u_b1 | - | |
asus | rt-ac68p | - | |
asus | rt-ac68u | - | |
asus | rt-ac86u | - | |
asus | rt-ac87u | - | |
asus | rt-ac88u | - | |
asus | rt-acrh12 | - | |
asus | rt-acrh13 | - | |
asus | rt-ax3000 | - | |
asus | rt-ax56u | - | |
asus | rt-ax58u | - | |
asus | rt-ax88u | - | |
asus | rt-ax92u | - | |
asus | rt-g32 | - | |
asus | rt-n10\+d1 | - | |
asus | rt-n10e | - | |
asus | rt-n14u | - | |
asus | rt-n16 | - | |
asus | rt-n19 | - | |
asus | rt-n56r | - | |
asus | rt-n56u | - | |
asus | rt-n600 | - | |
asus | rt-n65u | - | |
asus | rt-n66r | - | |
asus | rt-n66u | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*", "matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*", "matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*", "matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*", "matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*", "matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*", "matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*", "matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*", "matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*", "matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*", "matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*", "matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*", "matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*", "matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*", "matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*", "matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*", "matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI." }, { "lang": "es", "value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Un usuario no autenticado puede desencadenar una DoS del servicio httpd por medio del URI /APP_Installation.asp?=." } ], "id": "CVE-2018-20335", "lastModified": "2024-11-21T04:01:15.650", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-03-20T01:15:22.453", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://starlabs.sg/advisories/18-20335/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://starlabs.sg/advisories/18-20335/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-03-20 01:15
Modified
2024-11-21 04:01
Severity ?
Summary
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://starlabs.sg/advisories/18-20333/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://starlabs.sg/advisories/18-20333/ | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
asus | asuswrt | 3.0.0.4.384.20308 | |
asus | gt-ac2900 | - | |
asus | gt-ac5300 | - | |
asus | gt-ax11000 | - | |
asus | rt-ac1200 | - | |
asus | rt-ac1200_v2 | - | |
asus | rt-ac1200g | - | |
asus | rt-ac1200ge | - | |
asus | rt-ac1750 | - | |
asus | rt-ac1750_b1 | - | |
asus | rt-ac1900p | - | |
asus | rt-ac3100 | - | |
asus | rt-ac3200 | - | |
asus | rt-ac51u | - | |
asus | rt-ac5300 | - | |
asus | rt-ac55u | - | |
asus | rt-ac56r | - | |
asus | rt-ac56s | - | |
asus | rt-ac56u | - | |
asus | rt-ac66r | - | |
asus | rt-ac66u | - | |
asus | rt-ac66u-b1 | - | |
asus | rt-ac66u_b1 | - | |
asus | rt-ac68p | - | |
asus | rt-ac68u | - | |
asus | rt-ac86u | - | |
asus | rt-ac87u | - | |
asus | rt-ac88u | - | |
asus | rt-acrh12 | - | |
asus | rt-acrh13 | - | |
asus | rt-ax3000 | - | |
asus | rt-ax56u | - | |
asus | rt-ax58u | - | |
asus | rt-ax88u | - | |
asus | rt-ax92u | - | |
asus | rt-g32 | - | |
asus | rt-n10\+d1 | - | |
asus | rt-n10e | - | |
asus | rt-n14u | - | |
asus | rt-n16 | - | |
asus | rt-n19 | - | |
asus | rt-n56r | - | |
asus | rt-n56u | - | |
asus | rt-n600 | - | |
asus | rt-n65u | - | |
asus | rt-n66r | - | |
asus | rt-n66u | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*", "matchCriteriaId": "4F4DB439-E9CC-4BA5-9A05-B51BF8DCD038", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:asus:gt-ac2900:-:*:*:*:*:*:*:*", "matchCriteriaId": "B581C286-7C47-42BF-8876-243285409374", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:gt-ac5300:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D2B9867-7DA3-4221-9148-36FD412FA993", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BE19DF1-EB89-4CE5-956F-79BD4AD5E52F", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200_v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "80BBA2CB-3DD3-4A8F-9556-E845AFAB2043", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200g:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CF74439-AD6D-4BBB-9254-640170FE1CF3", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1200ge:-:*:*:*:*:*:*:*", "matchCriteriaId": "2078161F-17EB-45EE-BCE9-C86B3860FD5C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*", "matchCriteriaId": "59001E8D-E835-464A-915A-AAF59F2F397F", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "51FC355D-5C81-4041-B649-EB271CA55AFD", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1E5EEF4-D19B-41D1-86B6-F2CBB745570E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9B17C2B-A1EC-4FC1-8AB1-F35D9E3A0AA2", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFE8A3B1-284B-40EC-872E-B8F7103F108C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*", "matchCriteriaId": "24748D40-7F43-44DA-BBEF-46D85D2AADA3", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*", "matchCriteriaId": "55EE62D6-1E29-4E84-8944-D3D68E212140", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C7DF43D-7EEE-405C-BB2B-822936BCB4A0", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56r:-:*:*:*:*:*:*:*", "matchCriteriaId": "E32874C8-05B6-44A1-B118-DC2F4FE62134", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56s:-:*:*:*:*:*:*:*", "matchCriteriaId": "63A1E548-F12D-4BF7-9C01-1325A725FF91", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3E87BA7-FACD-46B2-BE2A-9EFEA3C62C17", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66r:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D59C40A-D9BA-455B-9F9E-D3B6FB80BC13", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1ED39CBC-80ED-4037-9285-4D4CFA45F00E", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u-b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD103F76-C432-4577-8465-831E0314D8D4", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F6B0EC4-797D-4059-AA90-EC09A49FE105", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*", "matchCriteriaId": "5713F0F3-B616-42B7-A0D8-7983F00E79FE", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac87u:-:*:*:*:*:*:*:*", "matchCriteriaId": "317B2498-88CE-431F-97E1-EFE7F7E34E05", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "81008E66-B5E8-4DE5-B14D-E6983C69BC29", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-acrh12:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EF9FF00-2DDC-4900-8A93-A51E41EA5C17", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*", "matchCriteriaId": "41AF79B6-D208-4357-A08D-D1AB6F136F59", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*", "matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AD16BBF-DB02-4E96-A310-82C13898B29D", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n10\\+d1:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8794D4A-5E8C-432D-A2FB-9CF86158E8D5", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n10e:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AFCC588-AAA6-45FA-8D1F-E57C7693D27A", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n14u:-:*:*:*:*:*:*:*", "matchCriteriaId": "85B0C29C-29A5-4659-8D76-9241B13682DF", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n16:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E016FE0-0A28-49AA-A213-38A5F7728FE2", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n19:-:*:*:*:*:*:*:*", "matchCriteriaId": "507A5D4D-CAF9-4417-9EA6-B499E04D1CDD", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n56r:-:*:*:*:*:*:*:*", "matchCriteriaId": "14C092D3-14B2-4DBB-8C20-D15F0BA33FA8", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "534C0C95-9DD2-464C-8776-01B47398FE13", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*", "matchCriteriaId": "481C7F6F-23A4-4B8B-8E14-44ADFCBE8C58", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n65u:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5567C97-0AE2-429B-B4D7-1CF501BD2C07", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n66r:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB4466BA-09EB-43F0-9610-6574F10B5810", "vulnerable": false }, { "criteria": "cpe:2.3:h:asus:rt-n66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A60BB38-11FC-48C4-B592-29C6C3A6FEAE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router." }, { "lang": "es", "value": "Se detect\u00f3 un problema en ASUSWRT versi\u00f3n 3.0.0.4.384.20308. Un usuario no autenticado puede solicitar el archivo /update_applist.asp para visualizar si un dispositivo USB se encuentra adjunto al enrutador y si hay aplicaciones instaladas en el enrutador." } ], "id": "CVE-2018-20333", "lastModified": "2024-11-21T04:01:15.320", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-03-20T01:15:22.267", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://starlabs.sg/advisories/18-20333/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://starlabs.sg/advisories/18-20333/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }