9 matches found
UPDATED VERSION: RouterSploit 3.4.0
PenTestIT RSS Feed RouterSploit 3.4.0, the long awaited router exploitation framework update is out guys! This release includes some really cool features and updates such as using pycryptodome from pycryptoand newer exploitation modules! Read on for the improvements. What is RouterSploit? The...
ASUSWRT vpnupload.cgi authentication bypass
Added: 02/28/2018 CVE: CVE-2018-5999 Background ASUSWRT is the firmware used in many ASUS devices. Problem The combination of two separate vulnerabilities in ASUSWRT allows remote attackers to execute arbitrary commands. The first vulnerability allows an unauthenticated user to make certain POST...
CVE-2018-5999
creationtimestamp| type| source ---|---|--- 2018-02-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44176 2018-03-01 08:53:42+00:00| published-proof-of-concept| https://t.me/antichat/1000 2018-05-29 15:50:33+00:00| seen|...
AsusWRT Router Remote Code Execution
Unauthenticated LAN remote code execution in AsusWRT Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 22/01/2018 / Last updated: 25/01/2018 Background and summary AsusWRT is the...
ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models
ASUS released patches for over a dozen router models on Tuesday that are each vulnerable to multiple firmware flaws that when combined give a local unauthenticated attacker the ability to execute commands as root on targeted devices. Routers models patched by ASUS are RT-AC88U, RT-AC3100, RT-AC86...
CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.38410007. In the handlerequest function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails...
CVE-2018-5999
Affected software: AsusWRT on Asus routers (firmware prior to 3.0.0.4.384_10007). Vulnerability: In handle_request() of router/httpd/httpd.c, processing of POST requests can continue after authentication fails, enabling unauthenticated access. Impact: Unauthenticated LAN remote code execution wit...
AsusWRT Router 3.0.0.4.380.7743 - LAN Remote Code Execution
AsusWRT Router 3.0.0.4.380.7743 - LAN Remote Code Execution Unauthenticated LAN remote code execution in AsusWRT Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 22/01/2018 / Last...
AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
Unauthenticated LAN remote code execution in AsusWRT Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 22/01/2018 / Last updated: 25/01/2018 Background and summary AsusWRT is the...