CVE-2023-39780

On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /startapply.htm qosbwrulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see CVE-2023-41346; for the...

CVE-2023-34940

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-34942

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-34942

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-34940

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

PT-2023-25070 · Asus · Asus Rt-N10Lx Router

Name of the Vulnerable Software and Affected Versions: Asus RT-N10LX Router version 2.0.0.39 Description: A stack overflow issue was discovered via the mac parameter at the "/start-apply.html" API endpoint. This issue only affects products that are no longer supported by the maintainer...

ASUS RT-N10LX 缓冲区错误漏洞

ASUS RT-N10LX is a router from Asus China. A security vulnerability exists in ASUS RT-N10LX Router version v2.0.0.39, which was discovered to contain a stack overflow vulnerability via the url parameter of /start-apply.html...

ASUS RT-N10LX 缓冲区错误漏洞

ASUS RT-N10LX is a router from Asus China. A security vulnerability exists in ASUS RT-N10LX Router version v2.0.0.39, which originates from a discovery containing a stack overflow vulnerability via the mac parameter in /start-apply.html...

PT-2023-25068 · Asus · Asus Rt-N10Lx Router

Name of the Vulnerable Software and Affected Versions: Asus RT-N10LX Router version 2.0.0.39 Description: A stack overflow issue was discovered via the url parameter at the "/start-apply.html" API endpoint. This issue only affects products that are no longer supported by the maintainer...

ASUS GT-AC5300 Cross-Site Request Forgery Vulnerability

The ASUS GT-AC5300 is a wireless router from ASUS. A cross-site request forgery vulnerability exists in the ASUS GT-AC5300 using firmware version 3.0.0.4.38432738 and earlier. A remote attacker can exploit the vulnerability by sending a request to the startapply.htm page to change the administrat...

CVE-2018-17023

Cross-site request forgery CSRF vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.38432738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to startapply.htm...

Asus RT-G32 Router Cross-Site Scripting Vulnerability

ASUS RT-G32 is a wireless router product from ASUS. A cross-site scripting vulnerability exists in the Asus RT-G32 router. The vulnerability exists because the startapply.htm script fails to adequately filter 'nextpage', 'groupid', 'actionscript ' and 'flag' parameters. A remote attacker could us...