EUVD-2018-10025

Malware in sbrugna...

EUVD-2018-10021

Malware in sbrugna...

CVE-2018-18291

A cross site scripting XSS vulnerability on ASUS RT-AC58U 3.0.0.4.3806516 devices allows remote attackers to inject arbitrary web script or HTML via AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp, AdvancedWirelessContent.asp, Logout.asp, MainLogin.asp, MobileQISLogin.asp, QISwizard.htm...

ASUS RT-AC58U Cross-Site Scripting Vulnerability

ASUS RT-AC58U is a wireless router product from ASUS. A cross-site scripting vulnerability exists in ASUS RT-AC58U version 3.0.0.4.3806516. The vulnerability can be exploited to inject arbitrary web script or HTML via multiple files AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp,...

ASUS RT-AC58U Information Disclosure Vulnerability

ASUS RT-AC58U is a wireless router product from ASUS. A security vulnerability exists in ASUS RT-AC58U version 3.0.0.4.3806516. The vulnerability can be exploited by a remote attacker to obtain the hostname and IP address by reading the dhcpLeaseInfo data in the HTML source code of the...

Cross site scripting

A cross site scripting XSS vulnerability on ASUS RT-AC58U 3.0.0.4.3806516 devices allows remote attackers to inject arbitrary web script or HTML via AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp, AdvancedWirelessContent.asp, Logout.asp, MainLogin.asp, MobileQISLogin.asp, QISwizard.htm...

CVE-2018-18287

On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...

CVE-2018-18291

A cross site scripting XSS vulnerability on ASUS RT-AC58U 3.0.0.4.3806516 devices allows remote attackers to inject arbitrary web script or HTML via AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp, AdvancedWirelessContent.asp, Logout.asp, MainLogin.asp, MobileQISLogin.asp, QISwizard.htm...

CVE-2018-18291

A cross site scripting XSS vulnerability on ASUS RT-AC58U 3.0.0.4.3806516 devices allows remote attackers to inject arbitrary web script or HTML via AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp, AdvancedWirelessContent.asp, Logout.asp, MainLogin.asp, MobileQISLogin.asp, QISwizard.htm...

Code injection

On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...

CVE-2018-18291

A cross site scripting XSS vulnerability on ASUS RT-AC58U 3.0.0.4.3806516 devices allows remote attackers to inject arbitrary web script or HTML via AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp, AdvancedWirelessContent.asp, Logout.asp, MainLogin.asp, MobileQISLogin.asp, QISwizard.htm...

CVE-2018-18287

On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...

CVE-2018-18287

Affected product : ASUS RT-AC58U router (firmware 3.0.0.4.380_6516). Vulnerability : Information disclosure via reading dhcpLeaseInfo data in the HTML source of Main_Login.asp, allowing remote attackers to discover hostnames and IP addresses. Root cause : The HTML page exposes DHCP lease informat...

CVE-2018-18291

CVE-2018-18291 affects ASUS RT-AC58U (firmware 3.0.0.4.380_6516). It is a cross-site scripting (XSS) vulnerability, exploitable via multiple web interface pages (e.g., Advanced_ASUSDDNS_Content.asp, Advanced_WSecurity_Content.asp, Advanced_Wireless_Content.asp, Logout.asp, Main_Login.asp, etc.). ...

Asus_DeleteOfflineClientOverflow

Vulnerability: Stack buffer overflow in httpd ------------------------------------------ Exploitation: Can control the $pc. Use together with a session hijack vulnerability or in a csrf attack, can remote code execution and then get a connectback shell. ------------------------------------------...

CVE-2017-11345

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...