CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.3%
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
Vendor | Product | Version | CPE |
---|---|---|---|
asus | tm-ac1900_firmware | 3.0.0.4..374_979 | cpe:2.3:o:asus:tm-ac1900_firmware:3.0.0.4..374_979:*:*:*:*:*:*:* |
asus | tm-ac1900 | - | cpe:2.3:h:asus:tm-ac1900:-:*:*:*:*:*:*:* |
asus | rt-n56u_firmware | 3.0.0.4..374_979 | cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4..374_979:*:*:*:*:*:*:* |
asus | rt-n56u | - | cpe:2.3:h:asus:rt-n56u:-:*:*:*:*:*:*:* |
asus | rt-ac66u_firmware | 3.0.0.4..374_979 | cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4..374_979:*:*:*:*:*:*:* |
asus | rt-ac66u | - | cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:* |