Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2017-15653

Published: 31/01/2018 Updated: 27/02/2018
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Asus

Vulnerability Summary

Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

asus asuswrt

Github Repositories

https://github.com/aoeII/asuswrt-for-Tenda-AC9-Router

To complie asuswrt for Tenda AC9 Router

asuswrt-for-Tenda-AC9-Router To complie asuswrt for Tenda AC9 Router dlcdnetsasuscom/pub/ASUS/wireless/RT-AC1200G+/GPL_RT_AC1200GPlus_300438252272zip Version 300438252272 2020/07/23 69179 MBytes 安全性修正 修正 CVE-2020-12695 (CallStranger) 修正 Reflected XSS 漏洞 修正 Directory traversal 漏洞 修正 CVE-2017-15653 由於增強伺服器安全

References

CWE-613http://seclists.org/fulldisclosure/2018/Jan/63http://packetstormsecurity.com/files/145921/ASUSWRT-3.0.0.4.382.18495-Session-Hijacking-Information-Disclosure.htmlhttps://nvd.nist.govhttps://github.com/aoeII/asuswrt-for-Tenda-AC9-Router
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook