8 matches found
CVE-2017-12591
ASUS DSL-N10S V2.1.16APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter...
CVE-2017-12592
ASUS DSL-N10S V2.1.16APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their privileges...
CVE-2017-12593
ASUS DSL-N10S V2.1.16APAC devices allow CSRF...
Cross site scripting
ASUS DSL-N10S V2.1.16APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter...
Cross site request forgery (csrf)
ASUS DSL-N10S V2.1.16APAC devices allow CSRF...
CVE-2017-12591
CVE-2017-12591 affects ASUS DSL-N10S V2.1.16_APAC. The vulnerability is a cross‑site scripting (XSS) flaw in the snmpSysName parameter, allowing reflected and stored XSS on the device. Root cause: improper handling of the snmpSysName input. Impact is described as XSS with low to medium overall se...
CVE-2017-12593
Affected product : ASUS DSL-N10S V2.1.16_APAC. Vulnerability : Cross‑Site Request Forgery (CSRF) in the device. Root cause/condition : Exploitation to induce unauthorized operations by a remote attacker. Impact : Confidentiality/Integrity/Availability implications described as high in CVSS metric...
CVE-2017-12593
ASUS DSL-N10S V2.1.16APAC devices allow CSRF...