7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:C/A:N
7.6 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
62.2%
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
CPE | Name | Operator | Version |
---|---|---|---|
t-mobile:tm-ac1900 | t-mobile tm-ac1900 | eq | 3.0.0.4.376_3169 |