CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Hello 3APA3A! There are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in ASUS Wireless Router RT-G32. ------------------------- Affected products: ------------------------- Vulnerable is the next model: ASUS RT-G32 with different versions of firmware. I checked in ASUS RT-G3...

6.3AI score

Exploits0

CNVD•added 2015/03/24 12:0 a.m.•2 views

Asus RT-G32 Router Cross-Site Scripting Vulnerability

ASUS RT-G32 is a wireless router product from ASUS. A cross-site scripting vulnerability exists in the Asus RT-G32 router. The vulnerability exists because the startapply.htm script fails to adequately filter 'nextpage', 'groupid', 'actionscript ' and 'flag' parameters. A remote attacker could us...

4.3CVSS6.2AI score0.00336EPSS

Exploits1References1

NVD•added 2015/03/23 4:59 p.m.•7 views

CVE-2015-2681

Multiple cross-site scripting XSS vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 nextpage, 2 groupid, 3 actionscript, or 4 flag parameter to startapply.htm...

4.3CVSS5.9AI score0.00336EPSS

Exploits1References4

NVD•added 2015/03/23 4:59 p.m.•11 views

CVE-2015-2676

Cross-site request forgery CSRF vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to startapply.htm...

6.8CVSS7.3AI score0.0017EPSS

Exploits1References4

Prion•added 2015/03/23 4:59 p.m.•12 views

Cross site request forgery (csrf)

6.8CVSS7.8AI score0.0017EPSS

Exploits1References4Affected Software1

Prion•added 2015/03/23 4:59 p.m.•10 views

Cross site scripting

4.3CVSS6.1AI score0.00336EPSS

Exploits1References4Affected Software1

CVE•added 2015/03/23 4:0 p.m.•43 views

CVE-2015-2676

CVE-2015-2676 affects Asus RT-G32 routers (firmware 2.0.2.6 and 2.0.3.2). A CSRF flaw lets an attacker hijack admin authentication and force password changes via start_apply.htm. Affected component: web interface; root cause: CSRF enabling unauthorized admin actions. Impact: compromise of admin c...

6.8CVSS7.5AI score0.0017EPSS

Exploits1References4Affected Software1

Cvelist•added 2015/03/23 4:0 p.m.•14 views

CVE-2015-2681

5.9AI score0.00336EPSS

Exploits1References4

CVE•added 2015/03/23 4:0 p.m.•49 views

CVE-2015-2681

Affected product: Asus RT-G32 router. Vulnerable component: start_apply.htm handling for parameters next_page, group_id, action_script, and flag. Root cause: insufficient input validation allowing cross-site scripting (XSS) via these parameters in firmware versions 2.0.2.6 and 2.0.3.2. Impact: re...

4.3CVSS6AI score0.00336EPSS

Exploits1References4Affected Software1

Kaspersky•added 2015/03/23 12:0 a.m.•44 views

KLA10495 Multiple vulnerabilities in Asus RT-G32 router

Multiple serious vulnerabilities have been found in Asus RT-G32. Malicious users can exploit these vulnerabilities to inject arbitrary code or hijack administrator authentication. Multiple XSS and CSRF vulnerabilities can be exploited remotely via vectors related to startapply.htm Original...

6.8CVSS6.9AI score0.00336EPSS

Exploits2References2

securityvulns•added 2015/03/08 12:0 a.m.•34 views

Asus RT-G32 security vulnerabilities

XSS, CSRF...

2.5AI score

Exploits0References1

securityvulns•added 2015/03/08 12:0 a.m.•80 views

Vulnerabilities in ASUS RT-G32

6.3AI score

Exploits0

Packet Storm•added 2015/03/07 12:0 a.m.•40 views

ASUS RT-G32 Cross Site Request Forgery / Cross Site Scripting

Hello list! There are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in ASUS Wireless Router RT-G32. ------------------------- Affected products: ------------------------- Vulnerable is the next model: ASUS RT-G32 with different versions of firmware. I checked in ASUS RT-G32...

0.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by