39 matches found
PT-2025-46772
Name of the Vulnerable Software and Affected Versions ASUS DSL Series Routers affected versions not specified Description An authentication bypass issue exists in ASUS DSL series routers. This flaw allows remote, unauthenticated attackers to gain unauthorized access to affected systems...
EUVD-2021-26509
Malware in sbrugna...
EUVD-2017-4162
Malware in sbrugna...
EUVD-2018-7744
Malware in sbrugna...
CVE-2021-3254
Asus DSL-N14U-B1 1.1.2.3805 allows remote attackers to cause a Denial of Service DoS via a TCP SYN scan using nmap...
CVE-2022-32988
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
Cross site scripting
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
CVE-2022-32988
Cross Site Scripting XSS vulnerability in router Asus DSL-N14U-B1 1.1.2.3805 via the "list" parameters e.g. filterlwlist, keywordrulelist, etc in every ".asp" page containing a list of stored strings. The following asp files are affected: 1 cgi-bin/APPInstallation.asp, 2...
CVE-2022-32988
CVE-2022-32988 is an XSS vulnerability in Asus DSL-N14U-B1 firmware version 1.1.2.3_805. The issue arises in the web UI exposed through a large set of ASP pages that render lists of stored strings, where the *list parameters (examples: filter_lwlist, keyword_rulelist, etc) are not properly saniti...
Asus DSL-N14U-B1 Denial of Service Vulnerability
The ASUS DSL-N14U-B1 is a router device from Asus China. A denial of service vulnerability exists in the Asus DSL-N14U-B1 version 1.1.2.3805. The vulnerability stems from a failure to properly handle incoming error messages and can be exploited by a remote attacker to cause a denial of service Do...
CVE-2021-3254
Asus DSL-N14U-B1 1.1.2.3805 allows remote attackers to cause a Denial of Service DoS via a TCP SYN scan using nmap...
CVE-2021-3254
Asus DSL-N14U-B1 1.1.2.3805 allows remote attackers to cause a Denial of Service DoS via a TCP SYN scan using nmap...
Arcadyan Directory Traversal Vulnerability (Apr 2021) - Active Check
Arcadyan devices are prone to a directory traversal vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
ASUS DSL-N14U-B1 code issue vulnerability
ASUS DSL-N14U-B1 is a router device from ASUS China. ASUS DSL-N14U-B1 1.1.2.3805 devices is vulnerable and can be exploited by attackers to upload arbitrary file content as a firmware update...
CVE-2021-3166
An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3805 devices. An attacker can upload arbitrary file content as a firmware update when the filename SettingsDSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide range of services are triggered as if it were a real update,...
CVE-2021-3166
An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3805 devices. An attacker can upload arbitrary file content as a firmware update when the filename SettingsDSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide range of services are triggered as if it were a real update,...
ASUS DSL-N17U License Issue Vulnerability
The ASUS DSL-N17U is a router from the Chinese company ASUS. An authorization issue vulnerability exists in the ASUS DSL-N17U modem with firmware version 1.1.0.2, which stems from a lack of authentication measures or insufficient authentication strength. An unauthenticated attacker can change the...
CVE-2020-35219
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by changing the admin password without authentication via a POST request to AdvancedSystemContent.asp with the uiViewToolsusername=admin&uiViewToolsPassword= and uiViewToolsPasswordConfirm= substrings...
Cross site request forgery (csrf)
MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...
CVE-2018-15887
The CVE-2018-15887 entry concerns ASUS DSL-N12E_C1 (firmware version 1.1.2.3_345). A vulnerability in Main_Analysis_Content.asp allows an authenticated remote attacker to execute arbitrary OS commands by crafting service parameters (e.g., destIP in a cmdMethod=ping request). Affected component/fu...