7 matches found
EUVD-2018-7744
Malware in sbrugna...
Cross site request forgery (csrf)
MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...
CVE-2018-15887
MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...
CVE-2018-15887
The CVE-2018-15887 entry concerns ASUS DSL-N12E_C1 (firmware version 1.1.2.3_345). A vulnerability in Main_Analysis_Content.asp allows an authenticated remote attacker to execute arbitrary OS commands by crafting service parameters (e.g., destIP in a cmdMethod=ping request). Affected component/fu...
CVE-2018-15887
MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request. Recent assessments:...
ASUS DSL-N12E_C1 1.1.2.3_345 Remote Command Execution
Exploit Title: ASUS DSL-N12EC1 1.1.2.3345 - Remote Command Execution Date: 2018-08-02 Exploit Author: Fakhri Zulkifli @d0lph1n98 Vendor Homepage: https://www.asus.com/ Software Link: https://www.asus.com/Networking/DSLN12EC1/HelpDeskBIOS/ Version: 1.1.2.3345 Tested on: 1.1.2.3345 GET...
ASUS DSL-N12E_C1 1.1.2.3_345 - Remote Command Execution
Exploit Title: ASUS DSL-N12EC1 1.1.2.3345 - Remote Command Execution Date: 2018-08-02 Exploit Author: Fakhri Zulkifli @d0lph1n98 Vendor Homepage: https://www.asus.com/ Software Link: https://www.asus.com/Networking/DSLN12EC1/HelpDeskBIOS/ Version: 1.1.2.3345 Tested on: 1.1.2.3345 GET...