18 matches found
CVE-2025-1354
A cross-site scripting XSS vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of...
EUVD-2020-16391
Malware in sbrugna...
EUVD-2025-2115
Malicious code in bioql PyPI...
CVE-2020-23648
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / startapply.htm, an attacker can change the administrator password without any authentication...
ASUS RT-N12E Cross-Site Scripting Vulnerability
The ASUS RT-N12E is a wireless router from the Chinese company ASUS. A cross-site scripting vulnerability exists in ASUS RT-N12E version 2.0.0.19, which stems from the lack of effective filtering and escaping of user-supplied data in the SSID parameter of the sysinfo.asp file, which can be...
CVE-2025-1354
A cross-site scripting XSS vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of...
CVE-2025-1354
A cross-site scripting XSS vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of...
CVE-2025-1354
A cross-site scripting XSS vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of...
CVE-2025-1354
CVE-2025-1354 affects Asus RT-N10E/RT-N12E devices running firmware 2.0.0.x. It is a reflected XSS vulnerability triggered by manipulating the SSID parameter in sysinfo.asp, due to improper input validation. This can lead to disclosure of sensitive information. All RT-N10E/RT-N12E versions are EO...
ASUS RT-N12E 代码注入漏洞
The ASUS RT-N12E is a wireless router from the Chinese company ASUS. A cross-site scripting vulnerability exists in ASUS RT-N12E version 2.0.0.19, which stems from the lack of effective filtering and escaping of user-supplied data in the SSID parameter of the sysinfo.asp file, which can be...
CVE-2020-23648
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / startapply.htm, an attacker can change the administrator password without any authentication...
Authentication flaw
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / startapply.htm, an attacker can change the administrator password without any authentication...
CVE-2020-23648
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / startapply.htm, an attacker can change the administrator password without any authentication...
PT-2022-8690 · Asus · Asus Rt-N12+
Name of the Vulnerable Software and Affected Versions: Asus RT-N12E version 2.0.0.39 Description: The issue is related to incorrect access control. An attacker can change the administrator password without authentication through the "system.asp" and "start apply.htm" API endpoints. Recommendation...
ASUS RT-N12E 访问控制错误漏洞
The ASUS RT-N12E is a wireless router from Asus China. An Access Control Error vulnerability exists in ASUS RT-N12E version 2.0.0.39, which stems from incorrect access control. An attacker can exploit the vulnerability to change the administrator password...
CVE-2020-23648
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / startapply.htm, an attacker can change the administrator password without any authentication...
CVE-2020-23648
CVE-2020-23648 affects Asus RT-N12E with firmware 2.0.0.39. The root cause is an incorrect access control allowing an attacker to change the administrator password via system.asp and start_apply.htm without authentication. Documented impact is unauthorized admin access (credential modification), ...
ASUS infosvr - Authentication Bypass Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS infosvr Auth Bypass Command Execution', 'Description' = %q This module exploits an authentication bypass vulnerability in the infosvr service...