17 matches found
EUVD-2021-26568
Malware in sbrugna...
CVE-2021-3229
Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.38410177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error...
CVE-2024-0401 ASUS OVPN RCE
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...
CVE-2024-0401
CVE-2024-0401 affects multiple ASUS routers that support custom OpenVPN profiles. An authenticated, remote attacker can execute arbitrary OS commands by uploading a crafted OVPN profile, with impact on confidentiality, integrity, and availability per the cited sources. Affected models include: AS...
CVE-2023-31195
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted 'http' connection, t...
CVE-2023-31195
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted 'http' connection, t...
CVE-2023-31195
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted 'http' connection, t...
CVE-2023-31195
CVE-2023-31195 affects ASUS Router RT-AX3000 firmware older than 3.0.0.4.388.23403, where cookies are stored without the Secure attribute. This enables session hijacking in a man-in-the-middle scenario if a user logs in over unencrypted HTTP. Public sources uniformly describe an adversary-in-the-...
PT-2023-23221 · Asus · Asus Router Rt-Ax3000
Name of the Vulnerable Software and Affected Versions: ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 Description: The issue arises from the use of sensitive cookies without the 'Secure' attribute. This allows an attacker, who can mount a man-in-the-middle attack, to potential...
ASUS RT-AX3000 安全漏洞
The ASUS RT-AX3000 is a router from Asus China. A security vulnerability exists in ASUS RT-AX3000 versions prior to 3.0.0.4.388.23403, which stems from the use of insecure and sensitive cookies and could lead to information disclosure...
JVN#34232595: ASUS Router RT-AX3000 vulnerable to using sensitive cookies without 'Secure' attribute
ASUS Router RT-AX3000 provided by ASUSTeK COMPUTER INC. uses sensitive cookies without 'Secure' attribute CWE-614. Impact When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted 'http' connectio...
CVE-2021-41435
CVE-2021-41435 affects a broad set of ASUS router models and TUF/ZenWiFi devices. The flaw is a brute-force protection bypass in the CAPTCHA protection that allows a remote attacker to perform an arbitrary number of login attempts by sending a specific HTTP request. Affected versions are before 3...
ASUS RT-AX3000 安全漏洞
ASUS RT-AX3000 and others are products of Asus China.ASUS RT-AX3000 is a router.ASUS ZenWiFi AX is a WIFI system.ASUS RT-AX88U is a wireless router. A security vulnerability exists in multiple ASUS routers that stems from a routing loop that can occur when using IPv6, which generates excessive...
ASUS RT-AX3000 Denial of Service Vulnerability
ASUS RT-AX3000 is a firmware from ASUS Taiwan, China that runs in its routers.A security vulnerability exists in ASUS RT-AX3000 that could be exploited by an attacker to interrupt the use of the device's installation services via a continuous login error...
CVE-2021-3229
Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.38410177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error...
CVE-2021-3229
CVE-2021-3229 affects ASUSWRT on ASUS RT-AX3000 firmware
ASUSWRT ASUS RT-AX3000 安全漏洞
ASUS RT-AX3000 is a firmware from ASUS Taiwan, China that runs in its routers.A security vulnerability exists in ASUS RT-AX3000 that could be exploited by an attacker to interrupt the use of the device's installation services via a continuous login error...