4 matches found
CVE-2017-15656
Password are stored in plaintext in nvram in the HTTPd server in all current versions = 3.0.0.4.380.7743 of Asus asuswrt...
CVE-2017-15656
Password are stored in plaintext in nvram in the HTTPd server in all current versions = 3.0.0.4.380.7743 of Asus asuswrt...
CVE-2017-15656
CVE-2017-15656 is confirmed to affect AsusWRT firmware with the httpd nvram storage path. Multiple connected sources state plaintext passwords are stored in nvram and thus readable without proper protection in versions up to 3.0.0.4.380.7743 (and earlier per CNVD), enabling an attacker with acces...
Multiple vulnerabilities in all versions of ASUS routers
1 ASUSWRT 3.0.0.4.376 - multiple vulnerabilities in httpd server all versions of AsusWRT at the time of report to vendor, for previous 376 version see next section 1. Highly predictable session tokens The session token is generated for an authenticated user using stdlib rand function. The token...