6 matches found
Exploit for Stack-based Buffer Overflow in Asustor Data_Master
CVE-2026-6643 — ASUSTOR ADM 5.1.2 RCE Format String CWE-134...
ASUSWRT vpnupload.cgi authentication bypass
Added: 02/28/2018 CVE: CVE-2018-5999 Background ASUSWRT is the firmware used in many ASUS devices. Problem The combination of two separate vulnerabilities in ASUSWRT allows remote attackers to execute arbitrary commands. The first vulnerability allows an unauthenticated user to make certain POST...
ASUSWRT vpnupload.cgi authentication bypass
Added: 02/28/2018 CVE: CVE-2018-5999 Background ASUSWRT is the firmware used in many ASUS devices. Problem The combination of two separate vulnerabilities in ASUSWRT allows remote attackers to execute arbitrary commands. The first vulnerability allows an unauthenticated user to make certain POST...
ASUSWRT vpnupload.cgi authentication bypass
Added: 02/28/2018 CVE: CVE-2018-5999 Background ASUSWRT is the firmware used in many ASUS devices. Problem The combination of two separate vulnerabilities in ASUSWRT allows remote attackers to execute arbitrary commands. The first vulnerability allows an unauthenticated user to make certain POST...
ASUSWRT Device Unauthenticated Modified Configuration Vulnerability
ASUS AsusWRT is a set of router operating systems from ASUS. A security vulnerability exists in the 'dovpnuploadpost' function in the router/httpd/web.c file of the vpnupload.cgi file in versions prior to ASUS AsusWRT 3.0.0.4.38410007. An attacker can exploit this vulnerability by sending a...
CVE-2018-6000
An issue was discovered in AsusWRT before 3.0.0.4.38410007. The dovpnuploadpost function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon or enable infosvr command mode,...