4 matches found
Server side request forgery (ssrf)
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided...
CVE-2016-6558 The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to command injection
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the actionscript parameter. The actionscript parameter specifies a script to be executed if the actionmode parameter does not conta...
ASUS RP-AC52 Access Point Command Injection Vulnerability
The ASUS RP-AC52 Access Point is a wireless access point from ASUS. A command injection vulnerability exists in the ASUS RP-AC52 Access Point using firmware version 1.0.1.1s. A remote attacker can exploit the vulnerability to execute arbitrary commands...
ASUS RP-AC52 Access Point Cross-Site Request Forgery Vulnerability
The ASUS RP-AC52 Access Point is a wireless access point from ASUS. A cross-site request forgery vulnerability exists in the ASUS RP-AC52 Access Point using firmware version 1.0.1.1s. A remote attacker can exploit this vulnerability to modify settings and take full control of the system...