EUVD-2017-2973

Malware in sbrugna...

EUVD-2017-2974

Malware in sbrugna...

EUVD-2018-20485

Malware in sbrugna...

EUVD-2018-20486

Malware in sbrugna...

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...

CVE-2018-8877

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the newlanip variable on the errorpage.htm page...

CVE-2018-8878

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the customid variable on the blocking.asp...

CVE-2022-26376

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.38648706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

CVE-2018-8877

CVE-2018-8877 affects Asuswrt-Merlin firmware on ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470. The issue is an information disclosure: remote attackers can read the new_lan_ip variable on error_page.htm to learn internal network IP address ranges. Root cause is reading...

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...

Multiple ASUS Products Asuswrt-Merlin httpd Stack Buffer Overflow Vulnerability

ASUS RT-AC5300 and others are wireless routers from Asus ASUS. asus Asuswrt-Merlin is the firmware that runs in it. httpd is one of the embedded http servers. A stack buffer overflow vulnerability exists in Asuswrt-Merlin 380.670RT-AC5300 and prior versions of httpd in several ASUS products. A...

CVE-2017-11420

Stack-based buffer overflow in ASUSDiscovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...