Reporter Japan Vulnerability Notes
Multiple wireless LAN routers provided by ASUS JAPAN Inc. contain a cross-site request forgery vulnerability.
If a user views a malicious page while logged in, unintended operations may be conducted.
In addition, when this vulnerability is exploited along with the vulnerability stated in JVN#77792759, an arbitrary OS command may be executed.
Update the Firmware
Apply the appropriate firmware update provided by the developer.
## Products Affected
- RT-AC87U Firmware versions prior to 22.214.171.124.378.6065
- RT-AC68U Firmware versions prior to 126.96.36.199.378.6152
- RT-AC56S Firmware versions prior to 188.8.131.52.378.6065
- RT-N66U Firmware versions prior to 184.108.40.206.378.6065
- RT-N56U Firmware versions prior to 220.127.116.11.378.6065
[Added on June 17, 2015]
Note that the firmware versions released on January 12, 2015 did not address the vulnerability completely. Newer firmware versions have been released.