Code injection

2014-04-2213:06:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.0%

JSON

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.

CPENameOperatorVersion
rt-ac66u_firmwareeq3.0.0.4.140
rt-ac66u_firmwareeq3.0.0.4.220
rt-ac66u_firmwareeq3.0.0.4.246
rt-ac66u_firmwareeq3.0.0.4.260
rt-ac66u_firmwareeq3.0.0.4.270
rt-ac66u_firmwareeq3.0.0.4.354
rt-ac68u_firmwareeq3.0.0.4.374.4755
rt-ac68u_firmwareeq3.0.43744561
rt-ac68u_firmwareeq3.0.43744887
rt-n10e_firmwareeq2.0.0.7

Name	Operator	Version
rt-ac66u_firmware	eq	3.0.0.4.140
rt-ac66u_firmware	eq	3.0.0.4.220
rt-ac66u_firmware	eq	3.0.0.4.246
rt-ac66u_firmware	eq	3.0.0.4.260
rt-ac66u_firmware	eq	3.0.0.4.270
rt-ac66u_firmware	eq	3.0.0.4.354
rt-ac68u_firmware	eq	3.0.0.4.374.4755
rt-ac68u_firmware	eq	3.0.43744561
rt-ac68u_firmware	eq	3.0.43744887
rt-n10e_firmware	eq	2.0.0.7